The Skype is no longer the limit - new ways malware keeps in touch with your friends

David Wood Microsoft

  download slides (PDF)

Over time, users have regularly been provided with new methods of communicating online with their social contacts, and malware creators have never been far behind in utilizing these same methods to spread their malicious payloads. While mass emailing worms were once highly prevalent, we have since seen malware graduate to spread via instant messaging, and later via social networking sites as users adopted these technologies. We are now beginning to see malware attempting to use programs such as Skype and Twitter to spread amongst the user community.

This paper investigates malware families that use Skype, Twitter and other such technologies to spread, and which also take advantage of them for other elements of their payload such as for command and control, or for information stealing. We look at the methods the malware uses to interact with these applications and their protocols in order to achieve these aims. We also examine social engineering techniques used by the malware, as well as methods used to attempt to avoid detection by security products, or to otherwise prevent removal from affected systems.


We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.