Windows-based Skype users have been told to be on the lookout when sending and receiving instant messages through the widely used VoIP service. According to reports from several security firms, a malicious worm is exploiting Skype’s (News - Alert) API to spam messages related to user’s possible profile pictures. The availed link redirects curious and innocent Skype users to a ZIP file, currently hosted on Hotflie and contains malicious executable software.

The initial downloader, identified as a TROJ_DLOADER.IF, installs a variant of the Dorkbot worm, which detects as WORM_DORKBOT.IF also known as NRGbot. Upon installation, the software, rather, the worm, initiates large-scale click-fraud activity onto the compromised computer hence recruiting it into a botnet.

In addition to this, the infection installs a ransomware variant that locks users out of their machines. To make money from the victims, the cyber criminals demand that users pay up to $200 within 48 hours or else risk losing all their precious data. According to Trend Micro (News - Alert), the worm is spreading fast even while still under investigation.

The instant message leading to the infected URL allegedly reads, “lol is this your new profile pic? http://goo.gl/[REDACTED]?img=[USERNAME].” According to Sophos, the executable within the ZIP file is a Trojan that opens a backdoor allowing hackers to commandeer an infected computer remotely and to access remote servers of choice via HTTP.

The malware also spreads via Facebook and Twitter (News - Alert), USB sticks and various instant messaging protocols. However, the threat is not so much of a threat in such fields since people on such sites, unlike those on Skype, will be more suspicious of links sent to them.

Skype said, "Takes the user experience very seriously, particularly when it comes to security. We are aware of this malicious activity and are working quickly to mitigate its impact." To be safe, Skype users have been encouraged to upgrade to the most recent version of Skype , install all Windows security patches and update the anti-virus client they use. In addition to this, they should avoid clicking on strange links from unknown friends.