Since Skype is a free service for consumers, it generally has to rely on advertising to turn a profit. As a result, most users regularly see banner ads on the video calling interface. Recently, hackers have begun to exploit these advertisements by distributing fake ads that contain ransomware. If you’re an avid Skype user, here’s what you need to know about the attack.
Initial reports found that the fake Skype ad was disguised as a critical Flash update. Clicking on the ad triggers a download of a seemingly innocuous HTML application named “FlashPlayer.hta”. If opened, the app would download malicious code that encrypts the victim’s files and holds them hostage until a ransom is paid.
According to security experts, hackers were obfuscating malicious code in the fake ads, which helped the ransomware evade detection from common antivirus tools. Many other users in the past have encountered similar Skype ads, but this is one of the first few scams that delivers ransomware.
To protect yourself against this ransomware you need to do the following:
When it comes to ransomware, hackers don't always return your files and we never recommend giving in to their demands. Staying informed and being prepared is the best solution to any malware.
Skype is the last place you’d expect a hacker to turn up, but if you don’t account for all possible vulnerabilities -- including security flaws in your VoIP solution -- your business has a bleak future. Contact us to protect your VoIP, your cloud, and your business today.