A new ransomware has spread into social networking sites Facebook and LinkedIn through graphic files and images. The new type of ransomware, Locky, is being distributed by a new attack vector called ImageGate.
Few researchers from CheckPoint says that Locky understands the flaws in the treatment of images by Facebook and LinkedIn and uses it to their advantage by making users download malicious codes through the pictures which eventually hijacks computer exactly when you open them. The ransomware encrypts your files and attackers don’t give the back to the user until a certain amount is paid.
Dikla Barda, Check Point Research team wrote, “The attackers have built a new capability to embed malicious code into an image file and successfully upload it to the social media website. The attackers exploit a misconfiguration on the social media infrastructure to deliberately force their victims to download the image file. This results in infection of the users’ device as soon as the end-user clicks on the downloaded file.”
Check Point added that it will release further details about the vulnerability once the affected websites confirm they have fixed the flaw.