
Fraudsters Impersonate Skype Team to Compromise German Users' Systems

Loredana BOTEZATU

April 10, 2013


German-speaking users are being targeted by crooks who compromise their systems and then download further malware onto their devices, depending on the kind of campaign they have in mind. Today it can be banking credentials. Tomorrow it can be social networking login data. The next day they may use people’s systems to launch a DDoS attack against who knows what company or institution website.

The present sample is an e-mail allegedly sent by Skype with the subject line “Wir haben Ihre Bestellung geliefert” (in English, “We have delivered your order”) that comes bundled with a Trojan downloader hidden in an attached ZIP archive.

The message tells the recipient he can view all details of the order in the attachment, Die Einzelheiten Ihres Einkaufs. But if the user opens the ZIP file, he will get his PC infected with a dropper Trojan identified by Bitdefender as Trojan.Injector.APO.

Once on the system, the Trojan dropper immediately drops its payload, in this case Trojan.Injector.APN, malware that instantly contacts a remote command server and sends it information about the infected computer. From this remote server it also downloads further malicious code, depending on the type of attack the crook chooses for that campaign.

Trojan.Injector.APN can spread from one computer to another by infecting removable devices or network drives. When these compromised devices are accessed from a clean system with the Autorun feature enabled, they immediately pass the infection from one system to the other.

The links included in the e-mails we have analyzed to date are all clean and lead to the official Skype page. But be advised that this might not be the case with all such messages, so avoid clicking them altogether, especially with the malicious Skype-sent links leading to Bitcoin-themed malware that have been going around these days.

To stay protected against autorun-based malware, run our USB Immunizer, which disables all Autorun threats before they reach your system.

This article is based on the technical information provided courtesy of Doina Cosovan, BitDefender Virus Analyst.

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.
