
ALERT : Hackers spreading Locky ransomware by uploading infected .SVG images on Facebook Messenger



Who Discovered It?

Bart Blaze, a well-known security researcher, first discovered this type of ransomware attack being conducted via Facebook Messenger. Later, Peter Kruse, another security researcher with extensive experience in investigating cyber-crime, confirmed the news to reporters.
Bart Blaze wrote on his personal blog:
“As always, be wary when someone sends you just an ‘image’ – especially when it is not how he or she would usually behave”.
And Facebook has released the following statement in response to the discovery:
“We maintain a number of automated systems to help stop harmful links and files from appearing on Facebook, and we are already blocking these ones from our platform. In our investigation, we determined that these were not, in fact, installing Locky malware—rather, they were associated with Chrome extensions. We have reported the bad browser extensions to the appropriate parties”.




What Is Locky Ransomware?

The ransomware is named Locky, one of today's prevalent ransomware families. It was discovered in mid-February 2016. This file-encrypting epidemic proved sophisticated enough to fly under the radar of conventional anti-malware defenses. Locky is also one of the malicious programs most preferred by hackers.

How Does It Spread?

To spread Locky ransomware, hackers are using a downloader called Nemucod. The downloader helps the ransomware bypass Facebook security by pretending to be a .svg image file. Hackers are now delivering Nemucod through Facebook Messenger.
What is an .svg image file, and how do hackers spread ransomware through it? An SVG file is a Scalable Vector Graphics file. It is based on XML (Extensible Markup Language), so it is very easy to embed code from a harmful program in it.




In this case, hackers have embedded JavaScript. When you open the infected SVG file, the JavaScript directs you to a site that appears to be YouTube's landing page. It is not the real YouTube homepage, but a clone site developed by hackers. If you look at the URL, you will find that it is 100% different.




After the phishing site loads, you are asked to download and install a codec so that the desired video can be played. The codec is presented as a Chrome extension. If you install it, the attack is distributed to your friends via Facebook Messenger. At the same time, the Chrome extension installs the Nemucod downloader, which instantly installs Locky on your system. After that, all personal files on your PC are encrypted (locked) by Locky, and it demands payment in Bitcoin to decrypt them.





Tags: Facebook, Hacks, News, Ransomware, Security, Malware
