Sunday November 27, 2016

Ransomware Uses Decoy Image Files To Ambush Facebook, LinkedIn Accounts

Another reason to stay off popular social networks regards ransomware "Locky," which users may inadvertently install by opening false image files. I initially thought it could install itself if you were to merely load the image, but it looks like you’d have to be dumb enough to open an unconventional filetype to get infected.

آ…security flaws in the two social networks allow a maliciously coded image file to download itself to a user's computer. Users who notice the download, and who then access the file, cause malicious code to install "Locky" ransomware onto their computers. Locky has been around since early this year, and works by encrypting victims' files and demands a payment of around half a bitcoin (currently آ£294; $365) for the key. Previously, it had relied on a malicious macro in Word documents and spam e-mails, but Check Point says that in the past week there has been a "massive spread of the Locky ransomware via social media, particularly in its Facebook-based campaign."