USERS OF Skype have been targeted in a wave of fake Adobe Flash in-app adverts that, when activated, deliver ransomware payloads to Windows-based PCs.
The attacks are the latest in a series of attacks that compromise advertising networks in order to deliver malware to end users.
Skype users have taken to Reddit and have suggested that the dodgy pop-ups were pushed via adverts in Skype's ad-supported app, rather than via the Skype website, which users can also log-in to in order to use the communications app.
It is believed that the attack was intended to propagate the Locky ransomware, given the way in which the payload is downloaded. The gang behind Locky regularly register and deregister domains in a bid to stay ahead of security researchers and to avoid detection and, potentially, identification.
In a statement, Microsoft urged users to exercise caution: "We're aware of a social engineering technique that could be used to direct some customers to a malicious website.
"We continue to encourage customers to exercise caution when opening unsolicited attachments and links from both known and unknown sources and install and regularly update anti-virus software."
Locky is one of the most widely propagated forms of ransomware. In a campaign last autumn, the attackers sought to spread the malware via email phishing campaigns using malicious Windows Script File (WSF) attachments.
WSF files are designed to allow a mix of scripting languages in a single file, and are opened and run by the Windows Script Host. Files with the WSF extension are not automatically blocked by some email clients and can be launched like an executable file, hence their popularity with the propagators of malware. µ
And, er, not much else
To serve, protect, and get incredibly hot and dusty
Symantec links attack to prolific Lazarus hacking group
Chinese firms drive global smartphone growth in first quarter