The malware hides inside some advertisements asking users to update the FlashPlayer plug-in. Designed to target Windows
Still bad news on the computer security front. To end up under the fire of hackers this time is Skype, or rather its users, hit by malicious advertisements. The ads, if opened, end up downloading a fearsome malware on the victims' devices.
A ransomware to be precise, the ransom virus capable of encrypting all users' data and asking for money in exchange. The new phishing attempt has been made public on Reddit and acts by hiding behind what seems to be necessary and important updates to be made for the FlashPlayer plug-in. The pop-up, according to reports from some of the people who have come across the malware, appears within the main Skype screen, in the space where advertisements are hosted. A technique that has been used in the past, but still manages to fool many users.
The strategy of the ransomware virus
The cyber criminals' strategy starts with a simple, seemingly harmless advertisement. If the naive user falls into the hacker's trap and opens the ad, the link downloads an HTML app on the victim's device that contains malware. If opened, the malicious app encrypts all the user's files and then asks for a ransom in exchange for "freeing" the data. Classic mechanism used by the infamous ransomware virus. According to some experts in the field, the malware has been designed to mainly affect machines running on Microsoft's operating system.
It also fools antivirus
The problem is that the technique used by the hackers prevents normal antimalware and antivirus from blocking the downloaded malicious application. And there's more, unfortunately. In order to prevent the malware from being traced, cyber criminals "host" the ransomware in temporary domains, which are deleted as soon as the malicious software is downloaded to the victim's machine.
How to protect yourself
This umpteenth case shows that in most cases hackers strike mainly through the unknowing cooperation of users. Learn to be suspicious. Do not click or open links from unknown sources. Think a software needs to be updated? Download it from the manufacturer's official website.