Skype Users Be Warned: Ransomware Afoot

By Steve Anderson April 03, 2017

Scott Adams of Dilbert fame once noted that, wherever there was money, there would be weasels trying to lay hands on said money, and usually in a direct proportion. While Adams didn't quantify the exact weasel-to-dollars ratio—he suggested that such quantification would land someone a Nobel Prize—it was enough to note it existed. That particular connection has been abundantly demonstrated thanks to a new warning to Skype users: watch out for ransomware in the system.

More specifically, the ads are showing up through the Skype app, suggesting that it was a critical update for the Flash Web plug-in. The ad was found on the Skype home screen, and the world was notified via a thread on Reddit. The ad in question, when activated, would then begin a download of a HTML application, and when opened, the app would activate a payload of ransomware.

The ransomware delivery system's two-stage design—in which it requires a user to download a bit of JavaScript that in turn activates a covert download from a separate domain that contains the ransomware—makes it particularly adept at getting around antivirus tools. The good news is, reports note, the domain the original download pointed back to no longer exists, though future versions may have new domains.

Further good news may be afoot with the revelation of new admin tools for Skype for Business users. Microsoft recently rolled out the beta of a Call Analytics Dashboard that offers diagnoses of issues related to call quality.  While this may only have so much impact on an app that delivers malware via faulty link, if the dashboard in question can be set up to restrict pop-up advertising—since this is a beta, it's not clear where it will end up from here—that may nip this problem in the bud.

Even if it doesn't, there's still good news: since the ransomware in question requires an ad to be clicked on to activate, not clicking on an ad should deflect the worst of the trouble here. Since it can be so readily shut down, that means just a little vigilance on the user’s part should take care of a good chunk of this problem at the outset. Further, it's also worth noting that users need to remain vigilant in general, and should establish offline backups of files on any device. A USB hard drive, thumb drives, or even a separate computer not connected to the Internet will serve as an excellent means to keep files safe from ransomware.

Just a little extra vigilance should protect from this latest threat, and though the weasels mentioned earlier will always be with us, we have the means to protect ourselves against their depredations.




Edited by Alicia Young

Contributing Writer

SHARE THIS ARTICLE
Related Articles

GENBAND & Sonus Go Dutch for Merger

By: Maurice Nagle    5/23/2017

Mergers and acquisitions are the norm in business. However, it's not every day that two major cloud communications players with highly complementary o…

Read More

The Killer App for VR: The Ability to Meet Yourself

By: Rob Enderle    5/23/2017

I was at a VR event this week, and I'm sure the speaker misspoke when he said that one of the benefits of VR is the ability to meet yourself. But the …

Read More

WannaCry Ransomware Holds Files Hostage: Best Practices to Avoid Being a Victim

By: Special Guest    5/23/2017

More than 200,000 computers in more than 150 countries were crippled by a massive ransomware attack, dubbed WannaCry, and security experts warned that…

Read More

LeoSat Secures Japanese Investment for Enterprise Broadband Satellite Network

By: Doug Mohney    5/23/2017

Another broadband satellite cloud network moved closer to reality this month, with LeoSat securing an investment from SKY Perfect JSAT (SJC) Corporati…

Read More

Organizations Can Combat WannaCry & Jaff Ransomware With Well Instrumented DNS

By: Special Guest    5/22/2017

The Infoblox Intelligence Unit observed two global malware outbreaks on Friday, May 12. Although there is no indication that the two attacks were rela…

Read More