The Pykse-A worm spreads via Skype instant messages, posing as a link to a photograph of a young model called Sandra. Clicking on the link does display an image of a scantily clad model wearing stiletto heeled shoes, but only after infecting the PC with a downloader Trojan which then installs the worm.
“Once it’s up and running, the Pykse worm attempts to connect to a number of remote websites, presumably in an attempt to generate advertising revenue for them by increasing their number of ‘hits’,” said Graham Cluley, senior technology consultant for Sophos. “It’s another example of the methods that malware authors can use to make money. With an ever increasing wave of malicious attacks, companies need to ensure that not only do they have secure defences in place, but also that they are enforcing policies about what programs their users can run and which websites their PCs can visit.”
Sophos notes that there have been a number of worms which have spread via Skype instant messaging in the past, however none of them have been particularly widespread compared to other major outbreaks of malware.