The Broadband Guide
search advanced

Facebook Messenger spreads Locky ransomware

2016-11-23 03:14 by
Tags: , ,

 

A new Facebook scam campaign spreads among users the Nemucod malware downloader, which can install the Locky ransomware.

Users receive a link in Messenger that is sent from hijacked accounts to all of a victims' friends. The link appears to be for a photo saved in the new SVG format. But it is in fact malicious and clicking on it takes unsuspecting users to a fake version of YouTube's website, which asks them to add a Chrome extension to their browser in order to watch a video.

As with other ransomware, once activated Locky encrypts files on the infected machine and connected local networks before issuing a ransom demand for payment in bitcoin for them to be decrypted.

The attack methodology was discovered by security researcher Bart Blaze, and has been acknowledged by Facebook.

"We maintain a number of automated systems to help stop harmful links and files from appearing on Facebook, and we are already blocking these ones from our platform," said a spokesperson.

"In our investigation, we determined that these were not, in fact, installing Locky malware-rather, they were associated with Chrome extensions. We have reported the bad browser extensions to the appropriate parties."

Read more -here-

 

  Post your review/comments
    rate:
   avg:
News Glossary of Terms FAQs Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About