New ransomware uses Facebook, LinkedIn images to take over your PC

Have you ever been the victim of ransomware?

Facebook is disputing recent reports that the file-encrypting ransomware known as Locky spread through its instant messaging platform. According to those reports, the ransomware is embedded in picture files, and when the target opens one, the Locky ransomware program executes.

The story kicked off with a blog post on November 20 from Bart P. Note, however, that the file extension could also be JPG, PNG, or any other common form.

The only way to avoid the actual Locky code, which has been around for nearly a year, is to be aware of it and to not open the file.

This makes people feel safer when downloading images from these kinds of sites.

Although this kind of malware has always existed, it is now much harder to avoid, considering that Facebook and LinkedIn users are not used to this kind of situation on these platforms. If Nemucod was downloaded, it would then deliver the Locky ransomware. The result would be your files being encrypted. The company's researchers claimed on November 24 that they had found an additional infrastructure weakness in some social media services that allowed the attack to be more effective.

According to researchers at Check Point, there's a new variant of ransomware named Locky which takes advantage of vulnerabilities in the way Facebook, LinkedIn and other social networks handle images, and which forces the system to download a maliciously coded image file.

The company writes that it's waiting for Facebook and LinkedIn to adjust their defenses before providing more technical detail. However, the method differs somewhat from what is described by Bart P.

The latest spate of Locky attacks spread via a Facebook-based campaign, according to Ziskin and Barda. Hence, any dubious image or graphics file on your computer with an extension such as SVG, JS, HTA, etc. can be a potential virus and ransomware. The video shows that the user would have to click on the file and save it before the ransomware runs. Are you willing to trust Facebook on this issue?

The statement said, "This analysis is incorrect". In a response, Facebook said that this perceived Locky malware flaw is not a ransomware attack but rather "bad Chrome extensions". It makes use of Facebook and LinkedIn errors in order to infect computers. Officials with LinkedIn, which is owned by Microsoft, couldn't be reached.

"We investigated these reports and discovered there were several bad Chrome extensions, which we have been blocking for almost a week". We've reached out to both companies to find out what the situation is right now.

Also, the attacks as described rely on heavy user interaction. This is to prevent hackers from using the exploit to hurt more users of those services.

© 2015 Leader Call. All Rights reserved.