The Trojan horse, a variant of IRCbot, arrives in an e-mail purporting to be an update to Skype, the popular Internet telephony application. Once opened the malicious software displays a phony installation error message. It then blocks access to security updates and installs a back door on computers, MessageLabs said in a statement.
The e-mail can have one of five different subject lines, which always refers to Skype. One, for example, reads: "Skype for Windows 1.4 - Have you got the new Skype?"
The e-mail body text advertises the Skype voice-over-IP application and urges the user to run the attached file to find out more, MessageLabs said.
The e-mail carrying the Trojan horse isn't widespread; MessageLabs has intercepted 150 copies since Sunday. It is the first such attack that pretends to be from Skype and users should watch out for such "social engineering," the company said.
Cybercriminals always try new things to dupe users into running malicious code. They haveas porn images, security updates, messages from system administrators, news photos and many other things.