Locky Ransomware Invades LinkedIn And Facebook Via Malware Laced Images

facebook address
It's been quite some time since malware-laden images have been a major security issue, but the risk is still out there. The attack vector has been exploited recently through a couple of leading social networks: Facebook and LinkedIn.

The attack, named "ImageGate" by researchers at Check Point, takes advantage of misconfiguration in these two social networks to make it so that when an image is loaded into a browser, it'll automatically download to the machine. This is similar to going to a download page where after 5 seconds, the download will begin. The difference here is that the downloaded file is infected.

An unfortunate thing with this sort of attack is just how many people could fall victim to it. Even if you're on top of security, your brain might not think anything about clicking on an image that you just downloaded, even if you didn't explicitly download it. For some, it might be force of nature.

If you do happen to click on the unsuspecting file, you'll quickly regret it: your files will become encrypted via Locky ransomware (which leverages ImageGate), requiring you to pay to get them back. This is without question one of the worst types of malware, because if you don't have backups - and far too many don't - paying the ransom is likely the only way you'll ever get the images and documents back.

This is yet another lesson to play it safe no matter when you're surfing the internet. Don't let down your guard - you might just regret it. If your files are taken over, but you have backups stored securely elsewhere, you'll give absolutely nothing to those holding your files ransom. At that point, you'd just reinstall the OS and copy your good files back. These days, a failing hard drive isn't the only reason to worry about potentially lost data.


Via:  Check Point
Show comments blog comments powered by Disqus