Skyping can sometimes let cyber-criminals hack your data. Sounds strange, but its true. A recent virus attack targeting Skype users can stop your Skype from functioning. This is not the only incident targeting Skype, there have been many in the past, but this is the latest.

Two possible reasons for this attack:

  1. It may be an attack from communities which don’t want people to use Skype (a slur on Skype’s reputation)
  2. It can also be an attempt to hack your Skype credits and your personal/contact information.

Skype Virus Alert

Skype Virus Alert

How does the attack happen?

The virus spreads through Skype scam-chats. Users from unknown Skype ids ping regular users and request them to download an image in zip format. If one attempts to reply/respond to such unknown messages, one would get immediate reply-backs. This creates the semblance of a human behind the unknown Skype id. But it is actually a computer which has pre-set commands to respond to a user. Suppose, you respond to the ping by asking, “What’s the download about?”, you will get an instant response – “a photo”.

This is the virus message Skype users get:

Skype Virus Alert Message

Skype Virus Alert Message

What if you accept and download the file?

Once you download the file, your Skype account will stop responding. Even if you un-install and re-install another version, you just cannot get going with Skype usage. You can login, but when you try to use Skype, you are at dead end. Your Skype stops responding. This scenario continues even if you login from another computer.

What to do if your Skype is attacked?

If your account is blocked or hacked, contact Skype forum using this link and let them know about your issue. This is the only way to get rid of this virus. Another way is to be extra-cautious and avoid such an attack.

Recent attack:

Recently, some of the users of Skype got an instant chat message containing a link of a JPEG file, from one of the contacts in their list. The image is actually a virus file. People who clicked the link found out that their contact information had been hacked and the same message was sent to all the people in their contact list. The message, which appears to be a legitimate chat message from a known person, tricked many users into clicking on the link.

Hot discussions are going on in the Skype community regarding the recent virus. One person claimed that the hacker spread this virus intentionally during the vacation of the Skype team. Another one says that the virus creates a mdm.exe (Machine Debug Manager) file and adds itself to the system’s registry. It also disables the firewall. Whenever the user clicks on the link, the mdm.exe file starts running on the system and hacks their contact information. The process has to be stopped in order to get rid of the virus.

The virus can be removed from the system by following a set of steps. Copy and paste the code given in the Skype community forum. Save it as a batch file (.bat file). Run the file from the command prompt to remove the virus.

Recent attack:

Recently, some of the users of Skype got an instant chat message containing a link of a JPEG file, from one of the contacts in their list. The image is actually a virus file. People who clicked the link found out that their contact information had been hacked and the same message was sent to all the people in their contact list. The message, which appears to be a legitimate chat message from a known person, tricked many users into clicking on the link.

Hot discussions are going on in the Skype community regarding the recent virus. One person claimed that the hacker spread this virus intentionally during the vacation of the Skype team. Another one says that the virus creates a mdm.exe (Machine Debug Manager) file and adds itself to the system’s registry. It also disables the firewall. Whenever the user clicks on the link, the mdm.exe file starts running on the system and hacks their contact information. The process has to be stopped in order to get rid of the virus.

The virus can be removed from the system by following a set of steps. Copy and paste the code given in the Skype community forum. Save it as a batch file (.bat file). Run the file from the command prompt to remove the virus.

Popularity: 50%

Leave a Reply:

29 Responses to “Skype Virus Alert”

commenter

I cannot open the skype forum link as above. Please advise if there’s another option to get rid of this virus.

commenter

http://forum.skype.com/index.php?act=announce&f=24&id=221- still the link is working fine. so you can make use for your problem.

commenter

Hello, the following message keeps popping up out of nowhere in the chat section of skype. The name says Registry.online.sc5
…I ran McAfee and it did not detect any problems…I was wondering if you think it is safe to go to the link below and download the so-called patch? what is this about? Thank You for your help

This is what shows up, it’s from Registry.online.sc5:

URGENT SYSTEM SCAN NOTIFICATION ! PLEASE READ CAREFULLY !!

http://www.updatexn.org/

For the link to become active, please click on ‘Add to contacts’ skype button or type it in manually into your web browser !

FULL DETAILS OF SCAN RESULT BELOW
****************************************

WINDOWS REQUIRES IMMEDIATE ATTENTION

ATTENTION ! Security Center has detected
malware on your computer !

Affected Software:

Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows Server 2003

Impact of Vulnerability: Remote Code Execution / Virus Infection /
Unexpected shutdowns

Recommendation: Users running vulnerable version should install a repair utility immediately

Your system IS affected, download the patch from the address below !
Failure to do so may result in severe computer malfunction.

http://www.updatexn.org/

commenter

they wanted to charge me but I backed out Im not sure if Im affected or not seems to be working but blurry.I thought this was legit.Any suggestions

The Bullet From Hell | January 30th, 2010 at 3:40 pm
commenter

Its A Smitfraud SCAM, just ignore it. (Don’t try to block it since they seem to have a gazillion account)

commenter

I have gotten the same notice. It is not a real notice. It did not come from Skype and my Anti-Virus software was unable to find any virus in my system. Don’t click the link that will probably allow the “virus” in.

commenter

A false message on Skype this morning has changed my passwords. Can’t log in.

The Anti Virus software ZoneAlarm Internet Security detected a Trojan, and quarantined it…but it didn’t stop the damamge.

commenter

I would assume that last one is a fake. I got pretty much the same message through Skype,

I’m just going to block and report them.

Usually, if you get a message that sounds that urgent and says you should download a patch/repair/etc. immediately, it is fake, and possibly dangerous to follow through on.

commenter

Rajanni I had the same message this morning. I just blocked them because I am pretty sure that it is spam or a virus. I would block them just in case if I were you.

commenter

My son got the message too and my Trend Micro security found nothing. I blocked and reported the website to Skype. The website is: Registry Online (registry.online.scd99) I just typed the one above, Registryonline.com, because the other said it was not valid.

commenter

@Rajanni – Are you kidding? DO NOT DOWNLOAD IT! Just because a virus scanner didn’t find anything doesn’t mean it’s safe. You should block that user.

Jenni Kishkovich | February 5th, 2010 at 1:02 am
commenter

I’ve received the same message. Does anyone know what it’s all about??

commenter

…Yeah, I was really skeptical about it and ended up ignoring it…I really haven’t been receiving the message since.
Thanks for the responses!

commenter

Yeah, I’m pretty gullible but this one said I definitely had a virus on my computer but that the viruses were in Windows Vista, 2000, etc. I’m on a Mac. It didn’t seem logical. I was confused but I’m glad I happened upon this site. I’m definitely not doing anything with it now. Thanks.

commenter

On 02/18/2010, I clicked on a link from one of my skype contacts. Since then, all of my skype contacts are receiving weird messages automatically from my skype account. The messages include things like, “I got a new hair cut”, “I dyed my hair pink”, etc. I changed my PW. No luck. The weird messages continued. What can I do?

commenter

i believe i got a skype virus via facebook. and i’m pretty sure it copied a folder onto My Docs directory and put in a DSC file folder (which made it look like a picture). when i opened it, it went crazy and started poppin’ up windows sending to all skype users. trend micro and malwarebytes find NOTHING! boo hoo. how do i get rid of it. can’t use skype now and probably have to start using ‘real long distance’!!!!! please help.

i’ve tried a couple of things and restarted skype, and still have it. am now afraid to start it in case i start spreading it again when i logon.

commenter

The file this virus appears as is called wmpkrk.exe . Start regedit and search for it – delete the values. Then search your pc for the actual file and delete it. Restart and ur pc should be fine.

commenter

after deleting that file virus got more active on my pc, & calling to people on my contact list

tiredofbeingspammed | March 13th, 2011 at 2:49 am

I have been receive Skype “calls” the last one in the middle of the night saying my computer is infected with an virus and I am to go to some website SOSNBC.com or something like that. I am assuming this is a scam. anyone else having this problem?

commenter

I, too, just received a Skype call and am checking out the legitimacy of. It told me that my computer has a virus that affects Window 7 and I need to download a patch update a soslv.com. It is supposedly from "Service Update Information", and those words remain in my Skype box when I open it. Was afraid to click anything. Any suggestions?

commenter

Me too – got what sounds as if it’s the same automated forwarded call in the middle of the night. It was saying my Windows computers have viruses, etc. Their website for their supposed “patch update” was www [dot] SOSlv [dot] com too. Got suspicious when they stated the operating systems affected, because I mostly go online with Linux. Glad to read my hunch was correct.

commenter

I RECEIVED A SKYPE CALL ABOUT VIRUS INFECTING MY COMPUTER 2 DAYS AGO. I WAS TOLD TO GO TO WWW dot SOSLV dot COM TO FIND A FIX.

AS I COULD NOT TRUST THE CALLER, I DID NOTHING. A DAY LATER ONE INCOME TAX FILE WAS ATTACKED, SOME AREAS TURNED RED, MY INPUT WAS CHANGED FROM SINGLE TO SEPARATED.
I THEN CHANGED MY SKYPE PASSWORD.

commenter

I have been getting a few skype calls and have no viruses or problems, what gives?

commenter

i got the same call, i did not take any actions….it was nothing at first but after i finish my work i shut down my computer and after 8 hours or so i turned it on and my computer wont go through the windows 7 page… i need HELP!… i have a lot of work to do online right now i'm using my friends laptop…..PLEASE HELP!

commenter

I received a skype call about virus on my computer. I was told to go to http://www.soslv.com
What should I do. I think that this is a sceme. What do you think

commenter

i received the same msg is it fake?

commenter

This morning I was speaking to my son on video call when suddenly we were interrupted by a weird voice telling me that my computer was infected by a virus and to fix it I should go to www(dot)sos(dot)com. (I write it this way because my message to Skype was frozen and internet explore crashed when I wrote it the conventional way.) I feel I am being watched. I google this website and found that it was suspect and that many other skype users had experienced the same problem. Any advice what to do?

commenter

Hi,

Yesterday i got a message from my co-worker and after sending a reply, i saw a Visual Studio debugger window and my SkyPE went shutdown. After that i tried to reopen it number of times but it showing the same debugger window then quit.

we have about 20 computers on the network and SKYPE is behaving in the same way on almost all the computers except 2-3 teminals.

I am running Windows 2003 Server with Symantec Endpoint Protection on my machine. But on the network, there are different antivirus users too.

I thought there is a problem with installation. So i uninstalled it and reinstall, but the problem is still there. I reinstalled it twice so far. Even restarted the system as well. But no hope.

Is there anyone who can help me out from this issue?

Regards,
fayalif

commenter

I have a really bad virus on my Skype, It keep saying stuff like “lol, Is this Ur profile picture” I clicked on it and now it sends it to people every 5-10 minutes, I tryed starting a new account and it got infected too, Im on my dads 3000 pound computor and he uses skype all the time.

Leave a Reply:

Name (required):
Email Address (required, not published) :
Website :
Comment (required):

Contact Us :

Dot Com Infoway, a CMMI Level 3 multinational information technology company, is a pioneer in delivering software development, mobile application and Internet marketing solutions and technologies to businesses. With offices in India, the United States and Netherlands, DCI is positioned to become a leader in delivering advanced IT services for your business.

For more information, email ask@dotcominfoway.com or visit our Contact Page.

Follow Us :

Dot Com Infoway

Tailored to meet international standards and client expectations, our methodology ensures proper risk management, seamless work flow and deadline-oriented development. It has built-in processes to monitor stringent adherence to quality, consistency in performance and accomplishment of project milestones. Our well-defined and flexible business model is a result of our deep industry intelligence and vast experience. Adhering to industry standards, our business model facilitates enterprises to get the best-of-breed solutions at affordable prices and top-notch quality.

Our privacy policy explains how we use and protect any information that you provide when you use our website. With high standards of security, we ensure that your valuable data is protected from misuse, loss or any external amendment.

Cookies for comments