A new strain of malware affecting Skype users has been spotted by security researchers. Complaints have risen that the virus uses goo(.)gl spam URLs to redirect to file-sharing sites which may contain its malicious payload. All users who have clicked on the malicious link should immediately check their computer for malware; instructions are provided after this article.
|Name||Goo(.)gl Skype Malware|
|Short Description||The malware may send spam from the user’s Skype and other social networking software, download malicious files onto the user’s PC and connect to a C&C server.|
|Symptoms||The user may notice PC slowdowns, and Skype friends may report suspicious messages that he/she doesn’t remember sending.|
|Distribution Method||Via Goo(.)gl URLs.|
Goo(.)gl Spamming Malware – Update February 2018
The malicious campaigns that deliver goo(.)gl spam URLs in Skype are still active. Users on various forums report receiving strange messages from their Skype friends. The messages usually contain pictures and shortened goo(.)gl links. When clicked, these spam URLs land on suspicious web pages that offer a download of a malicious file. Once such a file is saved on the system, it can cause a severe malware infection or serve as a gateway for one. Avoid following these links if you want to keep your system secure. If curiosity made you visit the compromised link, make sure to run a scan with an advanced anti-malware tool, as the malware may have sneaked into the system unnoticed.
Goo(.)gl Spamming Malware – How Did I Get It?
The Skype malware spreads in a cunning way. Initially, the malware was distributed via a web link using goo(.)gl services, such as the following one, along with a message:
- “[skype.user]: haha you wouldn’t believe it https://goo(.)gl/lLGdM?foto=user”
The web link then redirects to 4shared, hotfile or another file-sharing service.
After redirecting to it, the link may download a .Zip or another type of file containing the same spamming bot malware. Symantec researchers have reported two main malware pieces associated with goo(.)gl:
After the malicious bot has been downloaded and activated onto the affected computer, it immediately connects to a C&C (Command and Control) server.
After connecting to the server the malware may download other viruses such as:
- Spam Bots.
- Botnet kits.
Attacks of this kind usually use obfuscators, so the malware may remain on infected computers for longer. Its main trick is using reputable services to spread its malicious files and using affected users to spread spam messages to people in their Skype contact list. Because, who wouldn’t open a web link from their buddy, right?
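The delivery chain described above (a goo(.)gl short link in a Skype message redirecting to a file-sharing host that serves an archive) can be hunted for in web proxy logs. The following is an added example, not part of the original article; the log layout, the sample lines, the domain list and the function names are assumptions, and it presumes a proxy that records full URLs and the redirect target.

```python
from urllib.parse import urlsplit

# File-sharing services named in the article; the exact domains are assumptions.
FILE_SHARING = ("4shared.com", "hotfile.com")
ARCHIVE_EXT = (".zip", ".rar", ".7z")

# Constructed proxy log lines: time client status requested-url Location-header
SAMPLE_LOG = """\
2018-02-03T10:01:07Z 10.0.0.21 301 https://goo.gl/AbCd12?foto=alice https://www.4shared.com/zip/xyz/photo_2018.zip
2018-02-03T10:02:44Z 10.0.0.34 301 https://goo.gl/maps/Qw9e https://www.google.com/maps/place/Example
2018-02-03T10:05:13Z 10.0.0.21 200 https://www.4shared.com/zip/xyz/photo_2018.zip -
2018-02-03T10:09:51Z 10.0.0.58 302 https://goo.gl/Zz99xY https://hotfile.com/dl/123/IMG_0042.rar
2018-02-03T10:12:30Z 10.0.0.77 301 https://goo.gl/Kk31pQ https://www.4shared.com/folder/abc/shared
"""

def host_matches(host, domains):
    """True if host is one of the domains or a subdomain of one (no substring matches)."""
    host = (host or "").lower()
    return any(host == d or host.endswith("." + d) for d in domains)

def find_lure_redirects(log_text):
    """Return (client, short_url, target, has_query) for each goo.gl redirect
    that lands on an archive file hosted by a file-sharing service."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed lines
        _, client, status, url, target = parts
        if not status.startswith("3") or target == "-":
            continue  # only redirect responses carry a Location target
        src, dst = urlsplit(url), urlsplit(target)
        if not host_matches(src.hostname, ("goo.gl",)):
            continue
        if host_matches(dst.hostname, FILE_SHARING) and dst.path.lower().endswith(ARCHIVE_EXT):
            # A query string on a short link (like ?foto=... in the lure) is an extra signal.
            hits.append((client, url, target, bool(src.query)))
    return hits

if __name__ == "__main__":
    for client, short, target, has_query in find_lure_redirects(SAMPLE_LOG):
        print(f"{client}: {short} -> {target} (query on short link: {has_query})")
```

Each hit names the internal client that followed the link, which is the machine to scan and the Skype account whose contacts may have received the same message.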
Cyber-criminals have become increasingly smart in their methods of infecting Skype users. Examples of this are new viruses based on cunning spam techniques, like:
- My Secret Video Facebook Spam
- Fake Facebook Emails Distribute the Nivdort Trojan
- Facebook Virus Posting from Your Profile
Remove Goo(.)gl Skype Spamming Virus
In case you have been affected by this malware, it is strongly advisable to isolate it and remove it using the methodical steps provided below. In addition, we advise you to disconnect your computer from the internet while scanning, since this will break any active connection with C&C servers.
Note: Manual removal of Goo(.)gl Skype Malware requires changes to system files and the registry, which can damage your PC. If your computer skills are not at a professional level, don’t worry: you can do the removal yourself in just 5 minutes using a malware removal tool.
Since it is nearly impossible to stay ahead of what you do not know, users are highly advised to keep up with the latest methods of infection and follow these simple protection tips:
- Make sure to use additional firewall protection. Downloading a second firewall (like ZoneAlarm, for example) is an excellent solution for any potential intrusions.
- Make sure that your programs have less administrative power over what they read and write on your computer. Make them prompt you for admin access before starting.
- Use stronger passwords. Stronger passwords (preferably ones that are not words) are harder to crack by several methods, including brute forcing, since brute forcing relies on pass lists with relevant words.
- Turn off AutoPlay. This protects your computer from malicious executable files on USB sticks or other external memory carriers that run as soon as they are inserted into it.
- Disable File Sharing. If you need file sharing between your computers, password-protect it so that, if you are infected, the threat is restricted to your own machine.
- Switch off any remote services. An exploited remote service can be devastating for business networks, since it can cause a lot of damage on a massive scale.
- If you see a service or a process that is external and not Windows-critical and is being exploited by hackers (like Flash Player), disable it until there is an update that fixes the exploit.
- Make sure always to apply the critical security patches for your software and OS.
- Configure your mail server to block and delete emails containing suspicious file attachments.
- If you have a compromised computer in your network, make sure to isolate it immediately by powering it off and disconnecting it by hand from the network.
- Make sure to educate all of the users on the network never to open suspicious file attachments; show them examples.
- Employ a virus-scanning extension in your browser that will scan all the downloaded files on your computer.
- Turn off any wireless services you do not need, like Infrared ports or Bluetooth. Hackers love to use them to exploit devices. In case you use Bluetooth, make sure that you monitor all of the unauthorized devices that prompt you to pair with them, and decline and investigate any suspicious ones.
- Employ a powerful anti-malware solution to protect yourself from any future threats automatically.
- Guide 1: How to Remove Goo(.)gl Skype Malware from Windows.
- Guide 2: Get rid of Goo(.)gl Skype Malware on Mac OS X.
- Guide 3: Remove Goo(.)gl Skype Malware in Google Chrome.
- Guide 4: Erase Goo(.)gl Skype Malware from Mozilla Firefox.
- Guide 5: Uninstall Goo(.)gl Skype Malware from Microsoft Edge.
- Guide 6: Remove Goo(.)gl Skype Malware from Safari.
- Guide 7: Eliminate Goo(.)gl Skype Malware from Internet Explorer.
- Guide 8: Disable Goo(.)gl Skype Malware Push Notifications in Your Browsers.
How to Remove Goo(.)gl Skype Malware from Windows.
Step 1: Boot Your PC In Safe Mode to isolate and remove Goo(.)gl Skype Malware
Step 2: Uninstall Goo(.)gl Skype Malware and related software from Windows
Here is a method in a few easy steps that should be able to uninstall most programs. No matter if you are using Windows 10, 8, 7, Vista or XP, those steps will get the job done. Dragging the program or its folder to the recycle bin can be a very bad decision. If you do that, bits and pieces of the program are left behind, and that can lead to unstable operation of your PC, errors with file type associations and other unpleasant behavior. The proper way to get a program off your computer is to uninstall it.
Step 3: Clean any registries, created by Goo(.)gl Skype Malware on your computer.
The usually targeted registries of Windows machines are the following:
You can access them by opening the Windows registry editor and deleting any values created by Goo(.)gl Skype Malware there. This can be done by following the steps underneath:
Get rid of Goo(.)gl Skype Malware from Mac OS X.
Step 1: Uninstall Goo(.)gl Skype Malware and remove related files and objects
1. Hit the ⇧+⌘+U keys to open Utilities. Another way is to click on “Go” and then click “Utilities”.
- Go to Finder.
- In the search bar type the name of the app that you want to remove.
- Above the search bar, change the two drop-down menus to “System Files” and “Are Included” so that you can see all of the files associated with the application you want to remove. Bear in mind that some of the files may not be related to the app, so be very careful which files you delete.
- If all of the files are related, press ⌘+A to select them and then drag them to “Trash”.
In case you cannot remove Goo(.)gl Skype Malware via Step 1 above:
In case you cannot find the virus files and objects in your Applications or other places we have shown above, you can manually look for them in the Libraries of your Mac. But before doing this, please read the disclaimer below:
You can repeat the same procedure with the following other Library directories:
Tip: ~ is there on purpose, because it leads to more LaunchAgents.
Step 2: Scan for and remove Goo(.)gl Skype Malware files from your Mac
When you are facing problems on your Mac as a result of unwanted scripts and programs such as Goo(.)gl Skype Malware, the recommended way of eliminating the threat is by using an anti-malware program. SpyHunter for Mac offers advanced security features along with other modules that will improve your Mac’s security and protect it in the future.
Remove Goo(.)gl Skype Malware from Google Chrome.
Step 1: Start Google Chrome and open the drop menu
Step 2: Move the cursor over "Tools" and then from the extended menu choose "Extensions"
Step 3: From the opened "Extensions" menu locate the unwanted extension and click on its "Remove" button.
Step 4: After the extension is removed, restart Google Chrome by closing it from the red "X" button at the top right corner and start it again.
Erase Goo(.)gl Skype Malware from Mozilla Firefox.
Step 1: Start Mozilla Firefox. Open the menu window
Step 2: Select the "Add-ons" icon from the menu.
Step 3: Select the unwanted extension and click "Remove"
Step 4: After the extension is removed, restart Mozilla Firefox by closing it from the red "X" button at the top right corner and start it again.
Uninstall Goo(.)gl Skype Malware from Microsoft Edge.
Step 1: Start Edge browser.
Step 2: Open the drop menu by clicking on the icon at the top right corner.
Step 3: From the drop menu select "Extensions".
Step 4: Choose the suspected malicious extension you want to remove and then click on the gear icon.
Step 5: Remove the malicious extension by scrolling down and then clicking on Uninstall.
Remove Goo(.)gl Skype Malware from Safari.
Step 1: Start the Safari app.
Step 2: After hovering your mouse cursor to the top of the screen, click on the Safari text to open its drop down menu.
Step 3: From the menu, click on "Preferences".
Step 4: After that, select the 'Extensions' Tab.
Step 5: Click once on the extension you want to remove.
Step 6: Click 'Uninstall'.
A pop-up window will appear asking for confirmation to uninstall the extension. Select 'Uninstall' again, and the Goo(.)gl Skype Malware will be removed.
Eliminate Goo(.)gl Skype Malware from Internet Explorer.
Step 1: Start Internet Explorer.
Step 2: Click on the gear icon labeled 'Tools' to open the drop menu and select 'Manage Add-ons'
Step 3: In the 'Manage Add-ons' window.
Step 4: Select the extension you want to remove and then click 'Disable'. A pop-up window will appear to inform you that you are about to disable the selected extension, and some more add-ons might be disabled as well. Leave all the boxes checked, and click 'Disable'.
Step 5: After the unwanted extension has been removed, restart Internet Explorer by closing it from the red 'X' button located at the top right corner and start it again.
Remove Push Notifications caused by Goo(.)gl Skype Malware from Your Browsers.
Turn Off Push Notifications from Google Chrome
To disable any Push Notices from Google Chrome browser, please follow the steps below:
Step 1: Go to Settings in Chrome.
Step 2: In Settings, select “Advanced Settings”:
Step 3: Click “Content Settings”:
Step 4: Open “Notifications”:
Step 5: Click the three dots and choose Block, Edit or Remove options:
Remove Push Notifications on Firefox
Step 1: Go to Firefox Options.
Step 2: Go to “Settings”, type “notifications” in the search bar and click "Settings":
Step 3: Click “Remove” on any site whose notifications you want gone and click “Save Changes”.
Stop Push Notifications on Opera
Step 1: In Opera, press ALT+P to go to Settings
Step 2: In the Settings search, type “Content” to go to Content Settings.
Step 3: Open Notifications.
Step 4: Do the same as you did with Google Chrome (explained above).
Eliminate Push Notifications on Safari
Step 1: Open Safari Preferences.
Step 2: Choose the domain whose push pop-ups you want gone and change it from "Allow" to "Deny".