New Ransomware Scam: Pay $200 to Retrieve Files

Dennis Faas's picture

Several security advisors are warning Skype users to watch out for bogus messages with links that install malicious software. Once installed, a worm virus may pretend to hold the user's files hostage and demand payment for releasing them.

Graham Cluely of security firm Sophos warns that the scam involves instant messages rather then voice or video chats. Potential victims receive a message containing phrases such as "lol is this your new profile pic?"

The message includes a link that takes the user to a Google website featuring their own Skype name. In fact, the link points to "", rather than ""

Clicking the link on the bogus site takes users to a file-sharing site that automatically downloads and installs rogue software.

Beware the Dorkbot: Security Expert

Cluely notes that the software is a variant of a worm known as Dorkbot that will attempt to replicate itself and spread to other computers.

Dorkbot aims to create a network of infected machines controlled by remote hackers.

At the moment, it appears those hackers are sending infected computers to a web address that makes it appear computer users are repeatedly hitting pay-per-click Internet ads, generating income for the scammers.

Skype Users Face Ransom Threat

Rik Ferguson of Trend Micro says that, in some cases, the rogue software also downloads and installs a 'ransomware' application that prevents users from accessing their own files. (Source:

The software then warns the user that the files will be deleted if they don't pay a $200 fee within 48 hours.

Security experts don't yet know whether the scammers follow through on this threat. However, making the payment reveals credit card details and opens the door to further fraud.

Skype has issued a statement saying, in part:

"Skype takes the user experience very seriously, particularly when it comes to security. We are aware of this malicious activity and are working quickly to mitigate its impact. We strongly recommend upgrading to the newest Skype version and applying updated security features on your computer. Additionally, following links, even when from your contacts, that look strange or are unexpected is not advisable." (Source:

This is good advice, and particularly worth remembering when using communications applications like Skype.

Rate this article: 
No votes yet