Home
Internet
Internet News
New Ransomware Uses Image Files on Facebook, LinkedIn to Hijack Your Computer: Report

New Ransomware Uses Image Files on Facebook, LinkedIn to Hijack Your Computer: Report

By Ketan Pratap | Updated: 28 November 2016 11:47 IST

Click Here to Add Gadgets360 As A Trusted Source

Highlights

New ImageGate malware utilise Facebook, LinkedIn images
It works same as Locky ransomware
Researchers recommend users not to open unusual extensions on a system

A newly discovered ransomware can target a computer through malware laced images on Facebook and LinkedIn. Researchers claim to have identified a new attack vector, which they call ImageGate, which embeds malware in image and graphic files. Additionally, the researchers discovered that the attacker's method of executing the malicious code within images was through social media apps such as Facebook and LinkedIn.

"The attackers have built a new capability to embed malicious code into an image file and successfully upload it to the social media website. The attackers exploit a misconfiguration on the social media infrastructure to deliberately force their victims to download the image file. This results in infection of the users' device as soon as the end-user clicks on the downloaded file," explained Roman Ziakin and Dikla Barda, Check Point Research team.

The team also suggests that the new malware works same as the Locky virus, a file-encrypting ransomware, works which made headlines few months back. The Locky ransomware once downloaded on the system can automatically encrypt all the files on the device when users try to open it. Users then gain access to their files only when the ransom is paid.

Check Point recommends some steps to stay protected from malwares like ImageGate and Locky. "If you have clicked on an image and your browser starts downloading a file, do not open it," noted the team.

According to researchers, the attackers are targeting social media sites because they are 'white listed' on browsers and can easily be used on attack users. It adds that attackers are "continually searching for new techniques to use social media as hosts for their malicious activities."

The researchers also recommend users not to open any image file with unusual extension such as SVG, JS, or HTA which may be infected with malware. Check Point claims that it updated Facebook and LinkedIn of the attack vector in September.

Comments

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: Ransomware, Desktop, Computers, Locky, ImageGate

Ketan Pratap

Email Ketan

Ketan Pratap is the Editor at Gadgets 360. His primary role - debugging the tech hype, benchmarking the future, and compiling it all into precise news, features or reviews. He has spent over 14 years calling out vaporware and identifying the best tech. He’s your guide for everything from chipsets to smart-home meltdowns. When his own batteries are low, he heads for the hills—literally. He’s someone who prefers a remote mountain pass, appreciating a 12,000-foot view that no VR ...More

No Man's Sky Foundation Update Brings Base Building, New Game Modes, Bug Fixes, and More

New Ransomware Uses Image Files on Facebook, LinkedIn to Hijack Your Computer: Report

Related Stories