VOIP (voice over IP) company's security team as of Sept. 11 was working with domain owners to shut down malicious sites that are infecting Skype for Windows users with a virus being spread via cleverly composed instant messages.
Initially, Skype was calling the virus w32/Ramex.A, but Finnish security firm FSecure is calling it W32/Skipi.A, whereas Symantec, in Cupertino, Calif., is referring to the worm as W32.Pykspa.D—a new variant in the family of worms called Pykspa.
Infected systems are sending chat messages to other Skype users asking them to click on a link that appears as a harmless .jpeg file. If clicked, the worm then transmits the infection anew.
The worm is camouflaging itself with a bitmap file of soap bubbles—namely, a default bitmap graphic contained in the Windows installation directory. If Skype users see the bubbles image after clicking on a link in a Skype message, Symantec said chances are they've been infected.