Skype Used to Spread Trojan

Wednesday, May 29, 2013 @ 02:05 PM gHale

Users receiving shortened URLs in Skype instant messages, or similar IM platforms, beware, there could be a Trojan called Liftoh lurking behind the message.

To date it has hit users in Latin America, said Rodrigo Calvo, a researcher at Symantec.

Skype Malware Helps Mine for Bitcoins
Automated Rootkit Sold Underground
Avatar Rootkit Uses Yahoo for C&C
Trojan Variant Packages with Rootkit

When targeted, victims receive a message in Spanish containing a shortened URL. The messages appear as if they are coming from someone on the user’s Skype contact list who is linking to a photo.

If clicked, the link redirects users to, which is hosting a URL, which initiates a weaponized zip file containing Liftoh. The Trojan is the capable of downloading additional malware.

So far users have clicked on the malicious URLs more than 170,000 times, Symantec said.

One Response to “Skype Used to Spread Trojan”

  1. […] Skype Used to Spread Trojan  – There is a new Trojan floating around the internet in shortened URLs. I’ll  be honest, I thought we had gotten smart enough to ignore these shortened URLs at least a few years ago, so in my opinion, if you click on one (especially in a foreign language?) it is on you. Apparently 170,000 users have already clicked the link, so be careful. Via ISS Source, more here. […]

Leave a Reply

You must be logged in to post a comment.