Skype users beware: a new instant messaging worm that spreads using the chat features in the popular VoIP application has been found.
The worm, dubbed Pykse.A , targets Skype users running Windows with a chat message containing a malicious web link that looks like it goes to a JPEG file on a website, according to security firm F-Secure .
Clicking on the link will take the user to a malicious file which will send a malicious link to all the user's listed Skype contacts. The link will show a picture of a half-naked woman, F-Secure said, and will reset the user's Skype status to 'Do not disturb' so that any replies sent from people who have received the link are ignored.
"Once it's up and running, the Pykse worm attempts to connect to a number of remote websites, presumably in an attempt to generate advertising revenue for them by increasing their number of 'hits'," said Graham Cluley, senior technology consultant for security firm Sophos .
"It's another example of the methods that malware authors can use to make money. With an ever increasing wave of malicious attacks, companies need to ensure that not only do they have secure defences in place, but also that they are enforcing policies about what programs their users can run and which websites their PCs can visit."
Kurt Sauer, Skype's chief security officer, stated that Skype was likely to be targeted by hackers, just as other companies have been in the past. In the last few months, several worms targeting Skype have been reported but none have particularly widespread.
"Harmful viruses and Trojan horses may damage a user's computer and collect private data, regardless of whether a person is using Skype, e-mail or other IM clients," Sauer said in a statement. "Skype strongly recommends that users take extra caution in general when asked to open attachments or links from unknown people, or suspicious-looking attachments even from people you know."
Skype also recommends using antivirus software to check the files received from other people.