Ransomware traps Skype users with fake ads

Posted on Wednesday April 12, 2017

Skype has made many improvements to become the go-to audio and video communication tool. But as more people turn to Skype to conduct their business, hackers are sure to follow. Recently, Skype has been plagued with fake Flash ads, which if triggered, lead to devastating ransomware infections. Read on below to find out how you can stay safe from this attack.

Initial reports found that the fake Skype ad was disguised as a critical Flash update. Clicking on the ad triggers a download of a seemingly innocuous HTML application named “FlashPlayer.hta”. If opened, the app would download malicious code that encrypts the victim’s files and holds them hostage until a ransom is paid.

According to security experts, hackers were obfuscating malicious code in the fake ads, which helped the ransomware evade detection from common antivirus tools. Many other users in the past have encountered similar Skype ads, but this is one of the first few scams that delivers ransomware.

To protect yourself against this ransomware you need to do the following:

• Be critical - you must be careful of opening suspicious ads and links from Skype -- or any content off the internet for that matter. Before you click on a link, hover over it to see where it leads. Unsolicited emails with links and downloadable files should also be avoided unless you’re certain it’s coming from a credible source.
• Download only from trusted sources - just like the tip mentioned above, make sure the software you download are from trustworthy app stores. In this case, Adobe Flash plugins should be downloaded directly from the official site, not from random ads.
• Install security software - strong antivirus, intrusion prevention systems, and other cybersecurity solutions can detect and block ransomware before it makes your entire system unusable.
• Invest in backups - storing your data in multiple cloud-hosted data centers will help you recover critical files should ransomware manage to infect your local computers.

When it comes to ransomware, hackers don't always return your files and we never recommend giving in to their demands. Staying informed and being prepared is the best solution to any malware.

Skype is the last place you’d expect a hacker to turn up, but if you don’t account for all possible vulnerabilities -- including security flaws in your VoIP solution -- your business has a bleak future. Contact us to protect your VoIP, your cloud, and your business today.