The Rodpicom Dorkbot worm, which spreads via VoIP and messaging applications and leads to malware infections, is currently making rounds on Microsoft‘s Skype and Windows Live Messenger platforms and was initially spotted on the platforms last year.
Users who receive a direct message that appears to be from one of their contacts asking “LOL is this your new profile pic? http://goo.gl/[removed]” should not click the link and delete the message immediately. Those who follow the link land on a malicious site and are infected with the worm. The worm changes itself to match the default operating system language on the user’s computer, thereby making it more believable to unsuspecting users.
If a user is infected, the Dorkbot worm sends out the same message to additional potential victims while opening a backdoor into the infected system, downloading more malicious software, spamming, downloading a new version of itself, and other malicious activities.
According to Fortinet‘s FortiGuard Labs researcher Raul Alvarez, the malware is also equipped with a number of evasive and obfuscation techniques aimed at hiding its existence both from AV software and researchers.
As with all services and the internet itself, taking the necessary precautions and clicking only on links you trust will prevent most types of malware from affecting your device.