A skype based worm named LOLPic was discovered in early October 2012 in which a message was sent to all users on the infected host's contacts list. The message will use the text of lol is this your new profile pic?[URL]), and requested users to check if it was the image. Most users who recieved this message fell for the trick and recieved malware. This malware works by opening a backdoor to add it to a bot network used to DDoS a website of the hackers choice, it is classed as ransomeware as it holds the user to ransom.
This is the backdoor that the hacker uses to add it to a bot network.
The dropper, known as LOLPic.in is a component of the worm and it installs malware.
- LOLPic.b-This variant uses Yahoo Messenger instead of Skype.
- LOLPic.qw-This variant said to download Skype Security(Rogue AV).
- LOLPic.bxzs-This variant deleted hal.dll.