The main source of the target for hackers as of now turns out to be Facebook and LinkedIn. They are using these as the platform for social building tricks in the spam emails and compromised websites to bait the victims into downloading malicious software dubbed “Locky Ransomware” into their systems.The hackers are intelligently hiding the code in images and when the user downloads it malicious code installs the locky ransomware which encrypts all the files of users computer until a ransom is paid.
So next time if you find any image received from any one of your friends be it either Facebook or linkedIn ,just ignore it and don't download. This was revealed in a research carried out by Israeli securities firm “Checkpoint” .They discovered how the cyber crooks are hiding malicious codes in images and executing the malware code across users of different platforms through’ locky variants’.
The researchers have discovered security flaws in facebook and LinkedIn that automatically downloads images, in certain cases it needs users to click on it .Images that carry extensions such as SVG(Scale vector graphics),JS(Javascript) or HTA are in particular malicious. Hackers are embedding javascript in the images .
The attackers have built a new capability to embed malicious code into an image file and successfully upload it to the social media website," Check Point researchers say.
The research firm says that it has reported the vulnerabilities to facebook and linkedIn as early as September this year, but no proper action has been initiated in this regard and that provided opportunity to these hackers. A video demonstration of the attack was given by checkpoint dubbed image gate
Locky ransomware has been in existence since the beginning of this year.It works by encrypting users files using RSA 2048 AND AES-1024 algorithms and will demand a ransom for the key to disable the encryption.
Initially, locky ransomware spread malicious content via phishing emails either as word or Zip files. Now they turned the attention to social platforms where users are active most of the time.
Source:The Hacker NewsThe Hacker News
No comments:
Post a Comment