In-App Ads exposed Skype Users to Malware

Skype is one of the most used instant messaging application around the world. A large number of users have been complaining that the popular messaging application known as Skype has been hosting rogue advertisements, which has a large risk of triggering malware.

The problem was made known to the public on reddit on March 31th 2017, whereby the original poster complained about a malicious ad which appeared while he was on Skype’s home page screen, and it was pretending to be a Flash update for the computer’s browser.

The poster has successfully deconstructed the code, and has posted it publicly on reddit.

In an investigation made by ZDNet, the experts they contacted found the following regarding rogue Skype ads:

The “fake Flash” ad, designed to target Windows machines, pushed a download, which when opened would trigger obfuscated JavaScript. The code starts a new command line, then deletes the application that the user just opened, and runs a PowerShell command, which then downloads a JavaScript Encoded Script (JSE) from a domain that no longer exists, likely one of many disposable domains used to hide an attacker’s operations.

According to the co-founder of cybersecurity firm phobos group, Ali-Reza Angghaie, said the issue is what is called a “two-stage dropper”. “It’s effectively the utility component of the malware that then decides what else to do based on the command and control it connects to”, he said.

Regarding this issue, other people have complained and reacted negatively on Twitter towards the malicious ads inside Skype, with the fake Flash update as a common denominator.


Other people also took to their Twitter about this issue  that


A Microsoft spokesperson said reacting to the issue, that the it was a “social-engineering effort,” and that they should not be held responsible for the malicious content. The company further explains that:

We’re aware of a social engineering technique that could be used to direct some customers to a malicious website. We continue to encourage customers to exercise caution when opening unsolicited attachments and links from both known and unknown sources and install and regularly update antivirus software.

It is good for one to be very careful in opening any content which you don’t know the source or any content which seems suspicious off the internet. Many intruders are out all over the internet trying to deceive users, and steal confidential and sensitive information, aside from malware’s usual work of wreaking havoc in your computer system.

Therefore you have to keep yourself secured from all this to happen, you should know where and what you are surfing in the internet for you not to be a victim of malware or virus. So try hard and get yourself an antivirus for your system and also scan your computer system often.

If this post made a good impact to you, please do not hesitate to like our post and share for other people to know about this. Thank you.

Source: reddit, ZDNet

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.