Malvertising Campaign Targets Skype

Security specialists F-Secure have found a new malvertising campaign that is not only targeting web browsers, but also the popular Skype application.

Malvertising campaigns traditionally inject malicious or malware-laden advertisements into seemingly legitimate online adverts.

Skype Target

But now researchers at F-Secure warned in a blog posting that a new campaign has targeted Skype.

“A malvertising campaign shows that platforms that display ads, even when they are not necessarily the browser, are not immune to the attack,” wrote F-Secure. “An example of a popular non-browser application that shows ads is Skype.”

The researchers said that the malicious online ads were distributed by the AppNexus ad platform (adnxs.com).

When a user clicks on the phony advert, they are redirected to the Angler exploit kit, which installs installs ransomware called TeslaCrypt, which typically demands $500 bitcoins in order to unlock encrypted files.

F-Secure said that the campaign seemed to have ended quite fast and is already over. It also said that this is not the first time infections were launched via Skype.

Earlier this week Palo Alto Networks discovered an unusually complex malware attack that seeks to tap into Skype communications. That malware was the latest iteration in a family of attack code that has previously been linked to cyber-espionage activities possibly sponsored by the Chinese government.

Other Malvertising

Earlier this year Malwarebytes warned that of a malvertising attack that affected mainly adult and video streaming sites, which infects users with ransomware via a dodgy pop-under window.

And in December Proofpoint discovered a malicious Twitter advert that could steal users Facebook credentials. It came in a promoted Twittercard with a fake video is posted on user’s Twitter feed.

Other malvertising attacks have previously affected users of dating websites, social networks and even Forbes.com, leading many to question the safety of online advertising – especially those running Flash.

Are you a security pro? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Russia Accused Of Cyberattack On Germany’s Ruling Party, Defence Firms

German foreign minister warns Russia will face consequences for “absolutely intolerable” cyberattack on ruling party,…

1 day ago

Alphabet Axes Hundreds Of Staff From ‘Core’ Organisation

Google is reportedly laying off at least 200 staff from its “Core” organisation, including key…

2 days ago

Apple Announces Record Share Buyback, Amid iPhone Sales Decline

Investor appeasement? Apple unveils huge $110 billion share buyback program, as sales of iPhone decline…

2 days ago

Tesla Backs Away From Gigacasting Manufacturing – Report

Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant

2 days ago

US Urges No AI Control Of Nuclear Weapons

No skynet please. After the US, UK and France pledge human only control of nuclear…

2 days ago