October 26, 2012Blog Staff By Blog Staff

Bogus Skype ‘Password successfully changed’ notifications lead to malware

Skype users, beware!

Cybercriminals are currently spamvertising millions of emails impersonating Skype, in an attempt to trick Skype users that their password has been successfully changed, and that in order to view their call history and change their account settings, they would need to execute the malicious attachment found in the emails.

More details:

Screenshot of the spamvertised email:

Detection rate for the malicious attachment: MD5: 0e78d3704332c59b619f872fd6d33d25 – detected by 32 out of 43 antivirus scanners as Trojan-Downloader.Win32.Andromeda.qw. Upon execution, the malware opens a backdoor allowing the cybercriminals behind the campaign complete access to the affected user’s host.

We’ve already seen the same MD5 used in the recently profiled “‘Your UPS Invoice is Ready’ themed emails serve malware” campaign. Clearly, they’re both launched by the same cybercriminal/gang of cybercriminals.

Webroot SecureAnywhere users are proactively protected from this threat.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.

Share Button

2 Responses to Bogus Skype ‘Password successfully changed’ notifications lead to malware

  1. Pingback: Προσοχή Spam email αναφέρει ότι ο κωδικός του Skype σας άλλαξε

  2. Pingback: Indagadores |Seguridad informatica |Seguridad en internet » Correo spam afirma cambiado su contraseña de Skype, conduce a la infección de malware

Leave a Reply

Your email address will not be published. Required fields are marked *