Skype users are warned to be on their guard, regarding malicious instant messages that have been sent through the service, designed to infect Windows computers.
A malicious worm is taking advantage of the Skype API to spam out messages similar to the one below:
lol is this your new profile pic? http://goo.gl/[REDACTED]?img=[USERNAME]
Clicking on the suspicious links leads to the download of a ZIP files (variously called skype_06102012_image.zip or skype_08102012_image.zip) that contains executable files detected by Sophos anti-virus products as Troj/Agent-YCW or Troj/Agent-YDC.
The Trojan horse opens a backdoor, allowing a remote hacker to take control of infected PCs, communicating with a remote server via HTTP.
On execution the malware copies itself to
and sets the autostart entry as below…
Read more in my article on the Naked Security website.