Spreading of a malware disguising itself into plain looking files on Facebook was recently revealed to be disrupting many systems. But not many days have passed that a similar trick has been exposed by a security firm which enters into a user’s system by taking advantage of images.
This virus has the power to set the malicious code into an image file and then upload it directly into the social networking platform. According to researchers Roman Ziakin and Dikla Barda, the invaders exploit a misconfiguration on Facebook’s infrastructure and push their victims to download the image file which in turn infects the user’s device promptly as the end-user clicks on the downloaded image.
For testing how the malware actually makes its way into the system, the researchers sent a plain JPG file via Facebook Messenger. Upon clicking the attachment, it opens up a Windows save prompt where it downloads the .hta file. By double clicking on the downloaded image, the file released a copy of the Locky ransomeware. This copy then then encrypts various files on the target’s computer. This is the time when the invaders can ask victims for ransom money for freeing their device from infections.
Facebook is considered “white listed” among hackers therefore they are in an incessant search for latest techniques to attach social media and carry on with their malicious activities. This is the reason that this social media platform remains under threats and warns its users to stay watchful for any suspicious activities on their accounts.
It is never safe to keep on clicking images and sites you are not sure about on the internet. Staying alert and warning others can help a lot from not getting the devices infected with such malwares. According to the statements of Facebook’s spokesperson, the analysis carried out is not correct and there is no link of Locky ransomeware appearing on Facebook messenger. But upon company’s own investigation few of the bad Chrome extensions are making all the trouble. The bad browser extensions have been blocked and are forwarded to the appropriate parties. Regarding the report of the URL handling issue that appeared on Firefox, Facebook is conducting an inquiry but the authorities are assuring the website that it has nothing to do with malware problems.
Via: NeoWin