The Broadband Guide
search advanced
 forgot password?

Facebook Messenger spreads Locky ransomware

2016-11-23 03:14 by
Tags: , ,


A new Facebook scam campaign spreads among users the Nemucod malware downloader, which can install the Locky ransomware.

Users receive a link in Messenger that is sent from hijacked accounts to all of a victims' friends. The link appears to be for a photo saved in the new SVG format. But it is in fact malicious and clicking on it takes unsuspecting users to a fake version of YouTube's website, which asks them to add a Chrome extension to their browser in order to watch a video.

As with other ransomware, once activated Locky encrypts files on the infected machine and connected local networks before issuing a ransom demand for payment in bitcoin for them to be decrypted.

The attack methodology was discovered by security researcher Bart Blaze, and has been acknowledged by Facebook.

"We maintain a number of automated systems to help stop harmful links and files from appearing on Facebook, and we are already blocking these ones from our platform," said a spokesperson.

"In our investigation, we determined that these were not, in fact, installing Locky malware-rather, they were associated with Chrome extensions. We have reported the bad browser extensions to the appropriate parties."

Read more -here-


  Post your review/comments
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About