Ransomware Uses Facebook, LinkedIn to Deliver Malware Infected Images
Security researchers from Check Point recently discovered a new variant of a known ransomware called Locky. This ransomware takes advantage of flaws in the way social networking platforms like Facebook and LinkedIn handle images.
Researchers reported that the malware forces the user's browser to download an image laced with malicious codes and automatically hijacks the victim's computer once it is opened.
Like Us on Facebook
Ransomware, as the name implies, holds the victims' files, or sometimes the whole system, hostage until they pay the required ransom. Experts said that the Locky code is easy to spot.
However, what concern many security analysts is the ease of how hackers can execute the malware's mechanisms. Security applications and malware detection tools usually trust major social networks, in this case Facebook and LinkedIn, and give these companies a thumbs up for secure download.
According to Hot Hardware, security experts said that users should be wary of what they download online, even if these files are being sent via Facebook or other secure platforms. It is also important to always keep a backup of important files.
Check Point said that it has already notified Facebook and LinkedIn about the vulnerability in September. In a response, Facebook said that this perceived Locky malware flaw is not a ransomware attack but rather a really "bad Chrome extensions."
In a statement acquired by Engadget, Facebook said, "There is no connection to Locky or any other ransomware, and this is not appearing on Messenger or Facebook. We investigated these reports and discovered there were several bad Chrome extensions, which we have been blocking for nearly a week."