Skip to main content

ALERT : Hackers spreading Locky ransomware by uploading infected .SVG images on Facebook Messenger

ALERT : Hackers spreading Locky ransomware by uploading infected .SVG images on Facebook Messenger



enter image description here


Who Discovered ?

Bart Blaze, a very well known reputed security researcher first discovered this type of ransomware attack which is being conducted via Facebook Messenger. Later, Peter Kurse, another security researcher with extensive experience in investigating cyber-crimes confirmed the news to reporters.
Bart Blaze wrote in his personal blog :
“As always, be wary when someone sends you just an ‘image’ – especially when it is not how he or she would usually behave”.
And Facebook has released the following statement in response to the discovery:
“We maintain a number of automated systems to help stop harmful links and files from appearing on Facebook, and we are already blocking these ones from our platform. In our investigation, we determined that these were not, in fact, installing Locky malware—rather, they were associated with Chrome extensions. We have reported the bad browser extensions to the appropriate parties”.


enter image description here


What is Locky Ransomware ?

The name of this ransomware is LOCKY. What is Locky ? it actually denotes one of the today’s prevalent ransomware families. It was discovered in the mid-February 2016. This file-encrypting epidemic proved to be sophisticated enough to fly under the radar of conventional anti-malware defense. However, Locky is one of the most preferred malicious software used by hackers.

How to spread ?

To spread Locky ransomware hackers are using a downloader software called Nemucod. This downloader is being used by hackers to help the ransomware bypass Facebook security by pretending to be a .svg image file. Hackers is now delivering this downloader software Nemucod through Facebook Messenger.
What is .svg image file ? How hackers spread ransomware through it ? SVG extension file is scalable vector graphics file. It’s based on XML (Extensible Markup Language). So, it’s very easy to implement a set of codes of any harmful programs in it.




However, in this case hackers has embedded JavaScript. When you access this infected vector image file (SVG) then this java-script directs you to a site that seems to be YouTube’s landing page. But, actually it is not real Youtube’s homepage. It’s a clone site developed by hackers. If you look in the url then you will find that it’s 100% different.


enter image description here


However, after loading the fishing site you’ll be requested to download & install a codec so that the desired video could be played. This codec is presented in Chrome extension. If you install this codec chrome extension then the attack shall be distributed to other friends of you via Facebook Messenger. And at the same time this chrome extension will install Nemucod downloader, and instantly Locky will be installed into your system via Nemucod downloader. After that your all personal files on PC will be encrypted (locked) by Locky & it’ll demand some money via Bitcoin to decrypt them.


enter image description here


Source of images used in this article : img-sourec1img-source2img-source3img-source4img-source5

Tags : Facebook, Hacks, News, Ransomware, Security, Malware, 

This Post Was Published On My Steemit Blog. Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit 



$3 Donation [Fixed]

$Any Amount





Comments

Popular Posts (Last 7 Days)

What I Learnt Today : Most Malware Infected Top 20 Cities in the USA

What I Learnt Today : Most Malware Infected Top 20 Cities in the USA
image credit An anti-virus development firm Enigma Software Inc has recently published a list of most malware affected cities in the United States of America. Be careful while travelling these cities and using the public wifi, cyber cafe, public computer or using your flash drives or memory chips on such computer. There is a higher possibility to be get infected in these following cities, so, be extra careful - Tampa : The infection rate is 506% higher than the national average.Saint Louis : The infection rate is 392% higher than the national average.Orlando : The infection rate is 375% higher than the national average.Denver : The infection rate is 333% higher than the national average.Atlanta : The infection rate is 327% higher than the national average.Newark : The infection rate is 241% higher than the national average.Salt Lake City : The infection rate is 223% higher than the national average.Madison : The infec…

My Original 3D Art “Absent-minded”

My Original 3D Drawing “Absent-minded”







*All 3D models used in my 3D arts are created with the help of Poser Pro by myself Tags : Art, Drawing, Painting, Sketch,  This Post Was Published On My Steemit Blog. Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit 

$3 Donation [Fixed]
Donate $Any Amount


What I Learnt Today : Darkweb raises funds for assassinating both Donald Trump and Mike Pence

What I Learnt Today : Darkweb raises funds for assassinating both Donald Trump and Mike Pence
image credit We’re all familiar to the word “Darkweb”. This is the most secured, anonymous & mysterious internet’s underworld where all kinds of illegal services & products are found. The websites on Darkweb can only be accessible via TOR browser which masks IP(Internet protocol) addresses. We know FBI has shut down the biggest drug selling darknet marketplace Silkroad. Now, someone or, a group has recently developed a dark-website to collect funds for assassinating both President-elect Donald Trump and Vice-President-elect Mike Pence. This dark-website went live the previous week. The website has only a single HTML (Hyper Text Markup Language) file that contains this following plain text - Full Message On Darkwebsite “As you are all well aware, the consequences of having Donald Trump and Mike Pence as the leaders of the free world is extremely dangerous,” the website reads. “The poli…

“The Holi - festival of color, festival of love” My Original Abstract Art

My Original Abstract Art “The Holi - festival of color, festival of love”






Tags : Abstract, Art, Drawing, Painting,  This Post Was Published On My Steemit Blog. Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit 

$3 Donation [Fixed]
Donate $Any Amount


Here I share my original abstract art “Fault of life”

Here I share my original abstract art “Fault of life”

enjoy :)
Tags : Abstract, Art, Drawing, Painting,  This Post Was Published On My Steemit Blog. Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit 

$3 Donation [Fixed]
Donate $Any Amount


Newslink : Russia's Tax Authorities Recognize Bitcoin and Other Cryptocurrencies

Russia’s Tax Authorities Recognize Bitcoin and Other Cryptocurrencies image credit  The uncertainties surrounding the use of Bitcoin and other cryptocurrencies have been laid to rest. In a document released on Nov. 29, 2016, Russia’s federal tax service has finally taken a position concerning the legality of Bitcoin use and transactions. The document emphatically stated that there is no legal prohibition of cryptocurrencies.    Read full news on cointelegraph site >> Tags : Bitcoin, Cryptocurrency, Money, News, Economics,  This Post Was Published On My Steemit Blog. Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit 

$3 Donation [Fixed]
Donate $Any Amount


3D Model Creations with Poser : 3D Object Alien

3D Model Creations with Poser : 3D Object Alien Nowadays 3D models are very essential in everywhere in the world of virtual world. A millions of 3D models are being created every year and they are vastly being used in the area of 3D animations, cinema, computer games, mobile apps & games etc. So, the demand of this type of 3D models are now very high. Thousands of professionals are now involved in the big industry of virtual world in creating various types of 3D models & earned million dollars. Everyday the demand is increasing, so, price of 3D models are also increasing very rapidly. There are hundreds of reputed websites for buying & selling 3D models. Such as – Turbosquid, DAZ 3D studio etc . And also there are few types of software are available in the market which are used to create this 3D models. Such as – 3D Studio Max, Poser, Bryce, Maya, ZBrush etc. Here I post one of my 3D model “ALIEN”. I have created this 3D model with the help of Poser Pro 2014. You may down…

Newslink: Coinbase Seeks Patent for Bitcoin Private Key Security System

image credit  Bitcoin and ether exchange startup Coinbase is seeking a patent for a security system for bitcoin private keys...............  Read full story on CoinDesk.com >> Tags : Bitcoin, Business, Cryptocurrency, News, Security,  This Post Was Published On My Steemit Blog. Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steemit ? Click Here To Know Everything About Steemit 

$3 Donation [Fixed]
Donate $Any Amount


Steemit bug found in “TAG”

Steemit bug found in “TAG”
image credit I just found a serious bug on steemit TAG. Today I published a news cum TIL post with 5 tags -
wilt news newslink til steemitnews https://steemit.com/wilt/@royalmacro/what-i-learnt-today-darkweb-raises-funds-for-assassinating-both-donald-trump-and-mike-pence But, my post is visible in only one section in “wilt”. Other tags are not working anymore. I searched frequently in the following sections which I tagged – https://steemit.com/created/newshttps://steemit.com/created/newslinkhttps://steemit.com/created/tilhttps://steemit.com/created/steemitnews My post is invisible in the above sections. It’s only visible in -
https://steemit.com/created/wilt
Update : I just found a solution. I used 4 tags instead of 5. Now, my post is visible to all 4 sections. Tags : Blockchain, Bugs, Cryptocurrency, Steemit,  This Post Was Published On My Steemit Blog. Please, navigate to steemit and cast a free upvote to help me if you like my post. First Time heard about Steem…

What I learnt Today : South Africa is participating in largest and most advanced HIV vaccine trial program; makes its own history

What I learnt Today : South Africa is participating in largest & most advanced HIV vaccine trial program; makes its own history A big step for mankind - South Africa is participating in HIV (Human Immunodeficiency Virus) vaccine program. This vaccine could prevent HIV infection. The drug trial began last month. This program is called HVTN 702. About 5400 adults are participating in this HIV vaccine trial. Scientists say that this HIV vaccine program is the largest and most advanced trial program in South Africa. “If deployed alongside our current armoury of proven HIV prevention tools, a safe and effective vaccine could be the final nail in the coffin for HIV,” said Anthony Fauci, director of the National Institute of Allergy and Infectious Diseases (NIAID), which falls under the American National Institutes of Health (NIH), a co-funder of the trial. . “Even a moderately effective vaccine would significantly decrease the burden of HIV disease over time in countries and populations…
Back to Top