Beware! Severe Ransomware Spreading Via JPG Files On Facebook

Beware! Severe Ransomware Spreading Via JPG Files On Facebook

A malware is something that encrypts your files and it can get by Facebook or LinkedIn. The security firm Check Point announced on Thursday (24) a technique that allows disguise ransomware images, which can then be sent through social networks. When the user downloads and runs the malware, computer files get password protected and the criminal asks the victim for payment of a ransom.

This video helps you understand better:-

The ransomware which is in question is known as Locky. According to Ars Technica, the Locky Ransomware is making victims since the beginning of the year, demanding payment of about half bitcoin from the user simply to get you access to your encrypted files. The Locky was disseminated through macros in Word documents but lately, has spread in social networks.

According to the security firm Check Point “The attackers have built a new capability to embed malicious code into an image file and successfully upload it to the social media website. The attackers exploit a misconfiguration on the social media infrastructure to deliberately force their victims to download the image file. This results in infection of the users’ device as soon as the end-user clicks on the downloaded file”.

It simply means that when the user tries to download the image, which comes with a different file extension, such as .hta. When you run it, the Locky encrypts the information on the user’s disk and places a file named “_Locky_recover_instructions.txt” in all directories that have been protected. The background of Windows is also changed with the instructions on how to get the files back.

It will not cost you if you warn your friends about this, as the social media giant Facebook does not display images as attachments in Messenger, but in this case, the photo is shown directly in the chat window.

Leave a Reply

Your email address will not be published. Required fields are marked *