Security vendors around the world are now warning that a new version of the Shylock malware is aimed at Skype users as Microsoft is struggling to move Windows Live Messenger to the VoIP platform. Threatpost
writes that the new piece of malware has been spotted in the UK, Europe and the US and it comes with new features, such as the possibility to send malicious links to the victim’s contacts though the chat option.
The Trojan was specifically designed to steal financial information, such as login details for banking webpages and it even boasts the ability to perform code-injection attacks.
“The malware relies on a network of infected Web sites to perform drive-by download attacks as the initial infection vector, and once it is resident on a new machine and finds the Skype application, it then sends malicious links to the victim's contacts through the chat function,” Threatpost writes.
According to security researchers at CSIS, the Skype infection is based on a malicious plugin called “msg.gsm” and allows the malware to send messages and transfer files, clean messages and transfers from Skype history and even bypass the Skype warning for connecting to servers.
Last but not least, the updated Shylock version can also spread via network shares and USB drives, allowing the attacker to perform a number of actions on the infected computer, including stealing cookies and downloading and running files.
Security vendors have already started updating anti-virus products with new definitions for this form of the Shylock malware, so make sure your security solution is up to date.
In the meantime, Microsoft continues the Windows Live Messenger – Skype transition, with users encouraged to migrate to the VoIP platform before March 15
. WLM will go offline at that date, but the Messenger service will continue to be available for a little longer.