Malware keeps evolving in the age of social networking. FortiGuard Labs researchers have discovered a new piece of malware called 'Rodpicom Botnet' that spreads via messaging applications such as Skype and MSN Messenger.
Dubbed W32/Rodpicom.A, the Rodpicom Botnet sends a message to the victim with a link to a malicious site that leads to downloadable content. When the user clicks the link, the attack downloads another strain of malware, known as Dorkbot. Once the target machine is infected, the malware checks whether the victim is using any messaging applications such as Skype or MSN Messenger.
The malware employs new stealth tactics, including an exception-handling technique that generates its own error to dodge analysis. It also relies on an anti-emulator that attacks the heuristic-scanning capabilities in antivirus software and enables its code to jump around several hundred times.
The malware is smart enough to check the language of the installed operating system by scanning the country code, and then customizes the message sent to all of the victim’s Skype contacts.
For example, if the infected computer is identified as being in the U.S., the malware sends the message “lol is this your new profile pic? http:// goo.gl/[removed]”.
The overall objective of the modules implemented in this malware is to download more malicious code, contact the command-and-control server, send spam, and carry out a host of other bot-related activities.
Recommendation: Be careful what you click on.
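From the defender's side, the spreading pattern described above (one account pushing the same shortened link to its whole contact list) can be spotted in chat logs. The following is an added example, not code from FortiGuard Labs or the original article; the log tuple layout, thresholds, sample messages and the shortener hosts other than goo.gl are assumptions.

```python
import re
from collections import defaultdict

# goo.gl is the shortener named in the article; the other hosts are
# well-known services added here as an assumption.
SHORTENERS = {"goo.gl", "bit.ly", "tinyurl.com"}
# \s* tolerates links written with a space after the scheme ("http:// goo.gl/...").
URL_RE = re.compile(r"https?://\s*([\w.-]+)/(\S+)", re.IGNORECASE)

# Constructed sample log: (unix_seconds, sender, recipient, message_text)
SAMPLE = [
    (0, "alice", "bob", "lol is this your new profile pic? http://goo.gl/EXAMPLE1"),
    (2, "alice", "carol", "lol is this your new profile pic? http:// goo.gl/EXAMPLE1"),
    (3, "alice", "dave", "lol is this your new profile pic? http://goo.gl/EXAMPLE1"),
    (40, "erin", "bob", "slides are at http://bit.ly/EXAMPLE2"),
    (500, "erin", "carol", "agenda: https://example.com/agenda"),
]

def find_fanout(messages, min_recipients=3, window_seconds=60):
    """Return {(sender, short_url): [recipients]} for shortened links one account
    sent to at least min_recipients distinct contacts within window_seconds."""
    sends = defaultdict(list)  # (sender, url) -> [(timestamp, recipient)]
    for ts, sender, recipient, text in messages:
        for host, path in URL_RE.findall(text):
            host = host.lower()
            if host in SHORTENERS:
                sends[(sender, f"{host}/{path}")].append((ts, recipient))
    flagged = {}
    for key, events in sends.items():
        events.sort()
        start = 0  # left edge of the sliding time window
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window_seconds:
                start += 1
            recipients = {r for _, r in events[start:end + 1]}
            if len(recipients) >= min_recipients:
                flagged[key] = sorted(recipients)
                break
    return flagged

if __name__ == "__main__":
    print(find_fanout(SAMPLE))
```

A flagged sender is a candidate for an infected endpoint, so the hit is best used to trigger a host check rather than to block the account outright.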