Beware of hey is this your skype profile pic messages

Martin Brinkmann
Oct 7, 2012
Updated • Dec 26, 2012

A new virus is making the rounds that is affecting the Skype communication software. The following messages are used to spread the virus: hey is this your skype profile pic or hey, is this your new profile picture, or hey, cool profile picture, is this it. Remember that it is likely that there are other variations in the wild.

The messages are followed by a shortened link using the url shortener. Depending on your security setup, clicking on the link may be enough to infect your computer with the trojan. If you get a dialog that is asking you what to do, make sure you cancel it right away and do not open or save it to your computer.

The messages may come from your contacts, if their computer is already infected with it, or strangers that try to message you.

hej is this your skype profile

The trojan adds itself to the list of third party programs with Skype access, and this is one of the ways to find out whether your system is infected with it or not. When you are in Skype, click on Tools > Options to bring up the options window of the program. Locate and click on Advanced, and there on the manage other programs' access to Skype link at the bottom. If you see programs listed here that you can't identify, remove them from Skype.

skype virus

You won't be sending out messages to Skype contacts anymore once the apps have been removed from Skype's third party access list.

As a second step, I'd recommend to run an up to date antivirus solution, Malwarebytes Antimalware Free or Dr.Web CureIt to make sure that no traces of the keylogger are left on the system. What it does in addition to sending out the messages to contacts, is to log what you enter using your keyboard. The keylogger logs all input, not only what you enter when using Skype. It is therefore essential to scan the computer with antivirus software to remove the keylogger from the system. I'd recommend running multiple programs just to make sure it is completely removed.

We have received word from Skype about the issue:

Skype takes the user experience very seriously, particularly when it comes to security. We are aware of this malicious activity and are working quickly to mitigate its impact. We strongly recommend upgrading to the newest Skype version and applying updated security features on your computer. Additionally, following links – even when from your contacts – that look strange or are unexpected is not advisable.


Previous Post: «
Next Post: «


  1. Sayali said on March 25, 2013 at 8:30 am

    Seems like this virus is back… I got similar set of messages from people in my friend list over last couple of days. Am running an older version – on Ubuntu. So not sure if I can locate the above mentioned trojan. There is no such thing like “Managed API access control”.

  2. Theo said on October 14, 2012 at 8:57 pm

    is this only for windows

  3. Adam said on October 14, 2012 at 8:46 pm

    Thank you!! I got sent it by 2 people on my skype and was really worried… reading your article reasured me that i don’t have the trojan and i can finally rest :) Subed to ur FB, once again thank you :D

  4. mediochrea said on October 8, 2012 at 3:28 am

    Honestly, people who follow shortened links without learning their destination from the sender deserve to be infected.

    1. Anonymous said on October 8, 2012 at 12:50 pm

      It was one of my best friends that sent mine and we always send each other urls, so I clicked mine and it downloaded. My Antivirus detected it and set it was deleted but is it gone for good.

  5. Alexander said on October 7, 2012 at 6:39 pm

    hey, i’m on a mac and i’ve got the message from one of my friends and i didn’t know what it was so i clicked on the link. then it downloaded a file to the mac but i couldn’t open the file. a couple of minutes later my antivirus (sophos antivirus) said that the mac was infected and asked me if i would like to remove the threats. i clicked on remove and then it remove the file that i couldn’t open. do you know if the virus works on mac’s or is it just a windows virus? i just want to be sure that it’s gone. i don’t think that i’ve sent any messages to anyone but i’m not sure.

    1. Anonymous said on October 15, 2012 at 3:39 pm

      as i know it it is a .exe, which only PCs can open without third party programs or apps form the apple store, you should be safe, but run a virus scan :)

    2. Martin Brinkmann said on October 7, 2012 at 6:56 pm

      I can’t say for sure but it is likely that it is Windows only. Have you checked the third party programs in Skype? This is usually a good indicator whether the malware was installed successfully on your system.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.