Malware uses Facebook and LinkedIn Images to Hack your PC - chaprama | Insights from the world of Technology and Lifestyle


Monday, November 28, 2016

Malware uses Facebook and LinkedIn Images to Hack your PC

The main source of the target for hackers as of now  turns out to be Facebook and LinkedIn. They are using these as the platform for social building tricks in the spam emails and compromised websites to bait the victims into downloading malicious software dubbed “Locky Ransomware”   into their systems.The hackers are intelligently hiding the code in images and when the  user downloads it  malicious code installs  the  locky ransomware which encrypts all the files of users computer until a ransom is paid.


So next time if you find any image received from any one of  your friends be it either Facebook or  linkedIn ,just ignore it and don't download. This was revealed in a research  carried out by Israeli  securities firm “Checkpoint” .They discovered how the cyber crooks are hiding malicious codes in images  and executing the malware code across users of different platforms through’ locky variants’.

The researchers have discovered security flaws in facebook and LinkedIn that automatically downloads images, in certain cases it needs users to click on it .Images that carry extensions such as  SVG(Scale vector graphics),JS(Javascript) or HTA are in particular malicious. Hackers  are embedding javascript in the images .

The attackers have built a new capability to embed malicious code into an image file and successfully upload it to the social media website," Check Point researchers say.

The research firm says that  it has reported the vulnerabilities to facebook and linkedIn as early as September this year, but no proper action has been initiated in this regard and that provided opportunity to these hackers. A video demonstration of the attack was given by checkpoint dubbed image gate

Locky ransomware has  been in  existence since the beginning of this year.It works by encrypting users files using RSA 2048 AND AES-1024 algorithms and will demand a ransom for the key to disable the encryption.

Initially, locky ransomware spread malicious content via phishing emails either as word or Zip files. Now they turned the attention to social platforms where users are active most of the time.

Source:The Hacker NewsThe Hacker News

No comments:

Post a Comment