Hey you,
BE IN THE KNOW!

35,000 ransomware infections per month and you still believe you are protected?

Sign up to receive:

  • alerts
  • news
  • free how-to-remove guides

of the newest online threats - directly to your inbox:


Remove Goo(.)gl Skype Spamming Virus Completely

A new string of malware has been spotted by security researchers to affect Skype users. Complaints have risen that the virus uses goo(.)gl spamming URLs to redirect to file-sharing sites which may contain its malicious payload. All users who have clicked on the malicious link should immediately check their computer for malware, instructions for which are provided after this article.

Threat Summary

NameGoo(.)gl Skype Malware
TypeSpamming Malware
Short DescriptionThe malware may spam from the user’s Skype and other social networking software, download malicious files onto the user PC and connect to a C&C server.
SymptomsThe user may witness PC slowdowns as well as the skype frends reporting suspicious messages that he/she doesnt remember saying.
Distribution MethodVia Goo(.)gl URLs.
Detection Tool See If Your System Has Been Affected by Goo(.)gl Skype Malware

Download

Malware Removal Tool

User ExperienceJoin Our Forum to Discuss Goo(.)gl Skype Malware.

shutterstock_240798115

Goo(.)gl Spamming Malware – How Did I Get It?

The malware distributes in a very cunning and clever way. Initially, the malware was distributed via a web link using goo(.)gl services, such as the following one along with a message:

  • “[skype.user]: haha you wouldn’t believe it http://goo(.)gl/lLGdM?foto=user”

The web link then redirects to a 4shared, hotfile or other file-sharing services:

  • http://e.4shared(.)com/linkerror.jsp?ed=63617573653d333034666e756c6c5f6f725f64656c

After redirecting to it, the link may download a .Zip or another type of file containing the same spamming bot malware. Symantec researchers have reported two main malware pieces associated with goo(.)gl:

  • W32.IRCBot.NG
  • W32.Phopifas

After the malicious bot has been downloaded and activated onto the affected computer, it immediately connects to a C&C (Command and Control) server.

After connecting to the server the malware may download other viruses such as:

  • Trojans.
  • Ransomware.
  • Adware.
  • Spam Bots.
  • Rootkits.
  • Botnet kits.

Usually, attacks of this character use obfuscators and the malware may remain for longer times on infected computers. Its main secret is using reputable services to spread its malicious files and using affected users to spread spam messages to people in their contact list on Skype. Because, who wouldn’t open a web link from their buddy, right?

Cyber-criminals have become increasingly smarter in their methods of infecting users. Examples for this are new viruses based on cunning spam techniques, like:

Remove Goo(.)gl Skype Spamming Virus

In case you have been affected by this malware, it is strongly advisable to isolate it and remove it using the methodological steps provided below. In addition to that we also advise you to disconnect your computer from the internet while scanning since this will break any active connection with C&C servers.

1. Boot Your PC In Safe Mode to isolate and remove Goo(.)gl Skype Malware
2. Remove Goo(.)gl Skype Malware with SpyHunter Anti-Malware Tool
3. Back up your data to secure it against infections by Goo(.)gl Skype Malware in the future
Optional: Using Alternative Anti-Malware Tools

Since it is nearly impossible to stay ahead of what you do not know, users are highly advised to keep up with the latest methods of infection and follow these simple protection tips:

  • Make sure to use additional firewall protection. Downloading a second firewall (like ZoneAlarm, for example) is an excellent solution for any potential intrusions.
  • Make sure that your programs have less administrative power over what they read and write on your computer. Make them prompt you admin access before starting.
  • Use stronger passwords. Stronger passwords (preferably ones that are not words) are harder to crack by several methods, including brute forcing since it includes pass lists with relevant words.
  • Turn off AutoPlay. This protects your computer from malicious executable files on USB sticks or other external memory carriers that are immediately inserted into it.
  • Disable File Sharing – it is recommended if you need file sharing between your computer to password protect it to restrict the threat only to yourself if infected.
  • Switch off any remote services – this can be devastating for business networks since it can cause a lot of damage on a massive scale.
  • If you see a service or a process that is external and not Windows critical and is being exploited by hackers (Like Flash Player) disable it until there is an update that fixes the exploit.
  • Make sure always to update the critical security patches for your software and OS.
  • Configure your mail server to block out and delete suspicious file attachment containing emails.
  • If you have a compromised computer in your network, make sure to isolate immediately it by powering it off and disconnecting it by hand from the network.
  • Make sure to educate all of the users on the network never to open suspicious file attachments, show them examples.
  • Employ a virus-scanning extension in your browser that will scan all the downloaded files on your computer.
  • Turn off any non-needed wireless services, like Infrared ports or Bluetooth – hackers love to use them to exploit devices. In case you use Bluetooth, make sure that you monitor all of the unauthorized devices that prompt you to pair with them and decline and investigate any suspicious ones.
  • Employ a virus-scanning extension in your browser that will scan all the downloaded files on your computer.
  • Employ a powerful anti-malware solution to protect yourself from any future threats automatically.
NOTE! Substantial notification about the Goo(.)gl Skype Malware threat: Manual removal of Goo(.)gl Skype Malware requires interference with system files and registries. Thus, it can cause damage to your PC. Even if your computer skills are not at a professional level, don’t worry. You can do the removal yourself just in 5 minutes, using a malware removal tool.

Vencislav Krustev

A network administrator and malware researcher at SensorsTechForum with passion for discovery of new shifts and innovations in cyber security. Strong believer in basic education of every user towards online safety.

More Posts - Website

  • Mike Liscio

    Malwarebytes caught this. Skype is a dangerous program. End of story.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.