
Hackers spreading Locky ransomware by uploading infected .SVG images on Facebook Messenger

What is Locky Ransomware?

The name of this ransomware is Locky, and it is one of today's prevalent ransomware families. It was discovered in mid-February 2016. This file-encrypting malware proved sophisticated enough to fly under the radar of conventional anti-malware defenses, and it is one of the malicious programs most preferred by hackers.

Who Discovered It?

Bart Blaze, a well-known security researcher, first discovered this type of ransomware attack being conducted via Facebook Messenger. Later, Peter Kruse, another security researcher with extensive experience in investigating cyber-crimes, confirmed the news to reporters.
Bart Blaze wrote in his personal blog:
 “As always, be wary when someone sends you just an ‘image’ – especially when it is not how he or she would usually behave”. 
And Facebook has released the following statement in response to the discovery:
 “We maintain a number of automated systems to help stop harmful links and files from appearing on Facebook, and we are already blocking these ones from our platform. In our investigation, we determined that these were not, in fact, installing Locky malware—rather, they were associated with Chrome extensions. We have reported the bad browser extensions to the appropriate parties”. 

How does it spread?

To spread Locky ransomware, hackers are using a downloader called Nemucod. The downloader helps the ransomware bypass Facebook security by pretending to be a .svg image file, and hackers are now delivering Nemucod through Facebook Messenger.
What is a .svg image file, and how do hackers spread ransomware through it? An SVG file is a Scalable Vector Graphics file. The format is based on XML (Extensible Markup Language), so it is very easy to embed code in it, including code for harmful programs.
In this case the hackers have embedded JavaScript. When you open the infected vector image file (SVG), this JavaScript directs you to a site that appears to be YouTube's landing page. It is not the real YouTube homepage but a clone site developed by the hackers. If you look at the URL, you will find that it is 100% different.
After the phishing site loads, you are asked to download and install a codec so that the desired video can be played. This codec is presented as a Chrome extension. If you install it, the attack is distributed to your friends via Facebook Messenger. At the same time the Chrome extension installs the Nemucod downloader, and Locky is instantly installed on your system via Nemucod. After that, all your personal files on the PC are encrypted (locked) by Locky, and it demands money via Bitcoin to decrypt them.

How to keep yourself safe from Locky ransomware infections?

To protect yourself from Locky, take some preventive precautions to avoid trouble in the future. Following these rules strictly may decrease the chances of being hijacked by Locky:
1. Do not connect your PC, laptop, tablet, etc. to a public WiFi hotspot.
2. Do not open any attachments in email or chat from unknown or suspicious senders.
3. Do not click any links in emails or chats from unknown senders.
4. Do not download any files attached to email or chat messages from unknown or suspicious senders.
5. Try to avoid visiting malicious sites.
6. Do not download or update software/apps from a third-party website or store.
7. Do not use any outdated or pirated software.
8. Install the WOT (Web of Trust) extension, and visit only the reputable websites shown by WOT.
9. Always keep your antivirus and Windows up to date.
10. You may use the Kaspersky anti-ransomware tool or the Bitdefender anti-ransomware tool for extra security.
11. Disable SMB v1, SMB v2 and SMB v3 on Windows via registry editing. How to disable it? Read below.
12. Periodically set a restore point. After an attack you may be able to use System Restore to get back to a known-clean state.
13. Most important: always keep an offline backup of your data, or do cloud backups.
