IM-Worm:W32/Pykse.A ,a new instant-messaging malware that spreads using the chat feature in Skype has appeared , according to a warning by security company F-Secure.
The worm, dubbed Pykse.A, is comparable to threats that affect IM applications. A targeted Skype user will receive a chat message with text and a web link that looks like it goes to a display Jpeg file on a website, F-Secure said on its website.
Clicking the link will redirect the user to a malicious file. After running the malware, the file will send a malicious link to all online contacts in a Skype user's list and will show a picture of a lightly dressed woman, F-Secure said. In addition, it sets the user's Skype status message to "Do Not Disturb", the company said.
Pykse also visits a number of websites that don't host any malicious code and a site that appears to count infected machines, F-Secure said. The Finnish security company doesn't list any particular malicious payload for Pykse other than it spreading and visiting websites. The IM worm affects Skype users running Windows.
Such threats for Skype aren't new. Last month, hackers adapted the Warezov Trojan horse to target Skype users. This threat also arrived with a web link sent in a Skype chat message. Clicking on the link would result in a PC being at the beck and call of the attacker and the Trojan horse sending messages to the victim's Skype contacts.
In February, attackers also targeted Skype users with another Trojan that had propagation capabilities.
Skype has acknowledged in the past that its IM feature could be used for malicious purposes just like any other IM service. Kurt Sauer, Skype's chief security officer, repeated that acknowledgment.
He said in the statement: "Harmful viruses and Trojan horses may damage a user's computer and collect private data, regardless of whether a person is using Skype, email or other IM clients.
Skype strongly recommends that users take extra caution in general when asked to open attachments or links from unknown people, or suspicious-looking attachments even from people you know."
Skype also recommends using antivirus software to check the files received from other people.
