Fraudsters Impersonate Skype Team to Compromise German Users' Systems
German-speaking users are being targeted by crooks who compromise their systems and download other malware onto their devices, depending on the kind of campaign they have in mind. Today it can be banking credentials. Tomorrow it can be social networking login data. The next day they use people's systems to initiate a DDoS attack against who knows what company's or institution's website.
The present sample is an e-mail allegedly sent by Skype with the subject line “Wir haben Ihre Bestellung geliefert” (in English, “We have delivered your order”) that comes bundled with a Trojan downloader hidden in an attached ZIP archive.
The message tells the recipient that all details of the order can be viewed in the attachment Die Einzelheiten Ihres Einkaufs. But if the user opens the ZIP file, the PC gets infected with a dropper Trojan identified by Bitdefender as Trojan.Injector.APO.
Once on the system, the Trojan dropper immediately drops its payload, in this case Trojan.Injector.APN, malware that instantly contacts a remote command server and sends information about the infected computer. From this remote server it also downloads dangerous code, depending on the type of attack the crook chooses for that campaign.
Trojan.Injector.APN can spread from one computer to another by infecting removable devices or network drives. When these compromised devices are accessed from a clean system with the Autorun feature enabled, they immediately pass the infection from one system to the other.
The links included in the e-mails we have analyzed to date are all clean and lead to the official Skype page. But be advised that this might not be the case with all such messages, so avoid clicking them altogether, especially given the malicious Skype-sent links leading to Bitcoin-themed malware that have been going around these days.
To stay protected against autorun-based malware, run our USB Immunizer, which disables all Autorun threats before they reach your system.
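A triage check for the removable-drive spread described above, added here as an example and not Bitdefender's code. It assumes the infection is launched through an `autorun.inf` file in the volume root (the file Windows Autorun reads; the article does not name it) and lists the entries that would start a program; the function names and the sample file are constructed for illustration.

```python
import re
from pathlib import Path

# [autorun] keys that make Windows start a program when the volume is opened.
EXEC_KEYS = ("open", "shellexecute")
SHELL_CMD = re.compile(r"^shell\\[^\\]+\\command$")

def autorun_commands(text):
    """Return (key, command) pairs from the [autorun] section that launch code."""
    found, in_section = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):      # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
            continue
        if not in_section or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        key = key.lower()
        if key in EXEC_KEYS or SHELL_CMD.match(key):
            found.append((key, value))
    return found

def scan_volume(root):
    """Map each autorun.inf (any letter case) in a volume root to its launch entries."""
    hits = {}
    for entry in Path(root).iterdir():
        if entry.is_file() and entry.name.lower() == "autorun.inf":
            # latin-1 never fails to decode, so padded or binary-laced files still parse
            hits[entry.name] = autorun_commands(entry.read_bytes().decode("latin-1"))
    return hits

# Constructed sample, not taken from the malware described in the article.
SAMPLE = r"""
; padding line
[AutoRun]
icon=folder.ico
Open = sample.exe /s
shell\explore\command=sample.exe
label=USB Drive
[other]
open=ignored.exe
"""

if __name__ == "__main__":
    for key, cmd in autorun_commands(SAMPLE):
        print(f"launch entry: {key} -> {cmd}")
```

Run `scan_volume` against the mount point of a suspect drive from a system that does not honor Autorun; any non-empty result names a program that the drive would try to start on a machine that does.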
This article is based on the technical information provided courtesy of Doina Cosovan, BitDefender Virus Analyst.
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.