Spam Sends Malicious Links to Skype Users

Tuesday, May 18 2010 @ 04:43 AM CDT

Contributed by: Admin

Views: 120

Security Alerts

TrendLabsSM engineers recently discovered a new Skype spam campaign. The spam arrives as a message from a user’s list of contacts. It contains a list of links with the domain 4.171.116, most of which are already inactive.


One of these links has been found to lead to the download of a malicious file detected by Trend Micro as WORM_PALEVO.AZA. This appears as a TinyURL link that resolves to http://4.171.116/suspended.page/slika.exe. The file slika.exe terminates Windows Update Service and attempts to establish connections to the remote servers .97.166 and .77.59 using TCP ports 80 and 1234, respectively.

Trend Micro™ Smart Protection Network™ protects product users from this threat by preventing the spammed messages from even reaching users’ inboxes via the email reputation service. It also blocks access to malicious sites and domains that host malware-ridden files via the Web reputation service and prevents the download and execution of WORM_PALEVO.AZA via the file reputation service.

http://blog.trendmicro.com/

  • Currently 0.00/5
Rating: 0.00/5 (0 votes cast)

What's Related

Story Options

Trackback

Trackback URL for this entry: http://chatshack.com/trackback.php?id=2010051804433074

No trackback comments for this entry.

0 comments

The following comments are owned by whomever posted them. This site is not responsible for what they say.

Navigation