Regardless of how hard we try to stay safe from online threats, sooner or later they will hit our computer and they hit it hard. So it isn’t surprising at all that wrongdoers found yet another way to infect our Windows-based computers with malware: Skype. If we think about it, hiding the malware in Skype is quite “ingenious”, since we are talking about one of the world’s most used messaging and VoIP services. Moreover, Skype is full of ads, the reason behind the latest scandal: as a user found out, one of these ads pretended to be a Flash Player update, but was nothing more than a malware carrier.
The attack was spotted by a Reddit user who didn’t hesitate to share his findings with the world and Skype, although the company denied delivering infected ads, thus preventing any further widespread infections. Stopping the malware is far more difficult than getting hit by it: after clicking on an infected ad, users are taken to a supposed Adobe Flash Player update, an HTML application in disguise that, after being installed, takes effect right away. To make things worse, there were rumors amongst other Reddit and Twitter users that sometimes the malware was replaced with ransomware, meaning that anyone who got hit by it could say goodbye to his/her computer too.
However, there is nothing lost if you have accidentally clicked on the fake link. Although the page you’re directed to is an almost carbon copy of the real Flash Player page, as in the case of any other virus/malware, there are some visual indications that should immediately turn on the alarm. First, the name of the file is FlashPlayer.hta, which is way different from the real Flash Player download, especially since it is a binary executable file and not an HTML application. Second, the origin of the file is not the Adobe Corporation, but instead some sketchy website registered by the attackers.
And what does this malware do? BleepingComputer dissected FlashPlayer.hta, only to find out that the JavaScript code it contains would execute and run a PowerShell script, which, in turn, would download an encrypted JavaScript payload to complete the attack. Furthermore, BleepingComputer also found two domains that were registered by two different emails, which in turn had already been used in a number of other dubious domains that are already listed in VirusTotal.
Whether you’re one of those internet users who can spot a virus from quite a distance or can’t see the red lights even if they are flashing right in front of you, there are some beneficial programs you should always have to assure your online safety. The first choice is obviously an antivirus/antimalware software to easily block any threat before it can cause damage. However, long gone are the days where these programs were enough, therefore, you should consider investing into a VPN too, since these do more for you than simply unblocking content. Not only they sport strong firewalls, but many also feature ad-blockers that protect your entire computer and not just web browsers. In addition to that, all your internet traffic is encrypted to a military-grade level, so it’s impossible for anyone, even your own ISP, to spy on you.
Nevertheless, none of the above will ever be enough if you don’t have a bit of common sense. Avoid visiting sketchy websites and clicking on any ads, no matter how trustworthy they seem. Likewise, before installing a new program or browser extension, make a quick search to find out what you are dealing with. Look up reviews of the software, something you should also do when scouring the web for a VPN to protect your online activities. In that regard, pay attention to details, as dangers are usually hidden in plain sight. Last but not least, try to stay updated about the latest threats, even if it doesn’t affect you directly.
Taking the above advices not only will make online surfing safer, but you’ll know how to properly educate yourself and stay away from attackers as well.
Best Reviews may receive compensation for its content through paid collaborations and/or affiliate links. Learn more about how we sustain our work and review products.
©2012-2024 Best Reviews, a clovio brand –
All rights
reserved
Privacy
policy
·
Cookie
policy
·
Terms
of use
·
Partnerships
· Contact
us