Websense Security LabsTM has
discovered a new set of the Warezov/Stration malicious code. This new
code is currently spreading through the Skype network. Although the
code itself is not self-propagating, when it runs, a URL is sent to all
users within the user’s Contacts List.
This attack appears to be the same as the version mentioned on the FSecure Blog Feb 27th,
but with new URL information and a new version of the malicious code.
Skype users receive a message that says “Check up this,” with a URL containing a hyperlink. When users click on the link, they are redirected to a site that is hosting a file named file_01.exe. Users are prompted to run the file (note: there is no vulnerability within Skype). If the user runs the file, several other files are downloaded and run.