Facebook Messenger spreads Locky ransomware

A new Facebook scam campaign spreads among users the Nemucod malware downloader, which can install the Locky ransomware.

Users receive a link in Messenger that is sent from hijacked accounts to all of a victims' friends. The link appears to be for a photo saved in the new SVG format. But it is in fact malicious and clicking on it takes unsuspecting users to a fake version of YouTube's website, which asks them to add a Chrome extension to their browser in order to watch a video.

As with other ransomware, once activated Locky encrypts files on the infected machine and connected local networks before issuing a ransom demand for payment in bitcoin for them to be decrypted.

The attack methodology was discovered by security researcher Bart Blaze, and has been acknowledged by Facebook.

"We maintain a number of automated systems to help stop harmful links and files from appearing on Facebook, and we are already blocking these ones from our platform," said a spokesperson.

"In our investigation, we determined that these were not, in fact, installing Locky malware-rather, they were associated with Chrome extensions. We have reported the bad browser extensions to the appropriate parties."

Read more -here-

• Disney sues Sling TV over new short-term TV passes
• Chipolo launches its first rechargeable Bluetooth trackers
• Spotify launches in-app messaging
• Waymo can now test its self-driving vehicles in New York City
• The US government is taking a 10 percent stake in Intel
• Google is selling a version of Gemini for government agencies