Short Bytes: The researchers of a security firm have revealed that hackers are now using .JPG images to spread Locky Ransomware via Facebook and LinkedIn. The ransomware is targeting the unsuspecting users, fooling them into downloading malicious images and encrypting their personal data.Last week I shared an important update about Locky ransomware, one of the most notorious malware to arrive on the scene in the recent times. It was reported that hackers are using Facebook Messenger to spread the ransomware using .SVG files.
Now, security researchers have identified that hackers are using .JPG images to distributed harmful code of Locky Ransomware using social media platforms like Facebook and LinkedIn.
The researchers have discovered a misconfiguration in the infrastructure of these social networks that force the users to download the image files. This situation has become more dangerous as the attackers have figured out a way to embed dangerous code in the image files.
Check Point has already updated Facebook and LinkedIn regarding the new attack vector in September.
The security firm has also shared a demo video of Locky Ransomware “ImageGate” on its YouTube channel:
You might be aware of the basics of how a ransomware and other malware work. When a user downloads and opens a malicious file, a ransomware encrypts the files and forces the user to pay a ransom.
As more and more people are joining social networks, cyber criminals are focusing on using new techniques like ransomware. The new and inexperienced users easily fall into their traps.
Check Point also recommends a couple of preventive measures to fight against Locky Ransomware:
- Just in case you’ve downloaded this file, don’t open it. Social media websites show the picture preview without downloading any file.
- Don’t open images with unusual extensions like SVG, JS, or HTA.
Did you find this update on Locky Ransomware helpful? Share your views in the comments section.