IT Masala

A new Skype worm that displays an image of a scantily clad woman wearing stilettos (shown left) has been identified by security companies F-Secure and Sophos.

The worm has been named “IM-Worm:W32/Pykse.A” by F-Secure and Mal/Pykse-A by Sophos.

How Does it Affect ? 

Pykse-A is most likely to be installed by clicking on a link contained in a received Skype message. It sets the Skype user’s status to DND (do not disturb) before sending a message with a malware link to all online friends in the Skype contact list.

If the recipient clicks on the link, a Trojan dropper (detected as Troj/Dropper-OI) is downloaded. When Troj/Dropper-OI is executed, an enticing image(scantily clad model wearing stiletto heeled shoes) is displayed, and Pykse-A is dropped and silently executed.

The image of the woman is displayed in a bid by the malware creator to cover up the true purpose of the download.

Where does the link in the message lead to ? 

The link (contains ”The Living Africa” content , which has been ripped from a legitimate site: library.thinkquest.org.) also directs users to at least eight Web sites with information about Africa. It's not clear what type of scam or harm those pages intend, but some of the sites have advertising on them, indicating that it might be a click-fraud scam, said Graham Cluley, senior technology consultant for Sophos PLC.

Whats Click Fraud - Click fraud refers to the various tricks used to get clicks on advertising banners, which generate revenue for Web page owners.

Please follow the instructions for removing worms