A worm targeting Skype's VoIP application is harvesting e-mail addresses and directing users to a range of sites hosting other malicious software, security vendors said Monday.

Once a machine is infected, the worm sends a malicious link via instant messages to other users in person's Skype contact list, according to F-Secure's blog.

The link leads to an executable file that downloads a Trojan horse capable of downloading other malicious software, F-Secure said. It then shows a photo of a "lightly dressed" woman.

The link also directs users to at least eight Web sites with information about Africa. It's not clear what type of scam or harm those pages intend, but some of the sites have advertising on them, indicating that it might be a click-fraud scam, said Graham Cluley, senior technology consultant for Sophos. Click fraud refers to the various tricks used to get clicks on advertising banners, which generate revenue for Web page owners.

The link for this article located at NetworkWorld is no longer available.