
Hackers spreading Locky ransomware by uploading infected .SVG images on Facebook Messenger

What is Locky Ransomware?

Locky is one of today's prevalent ransomware families. It was discovered in mid-February 2016. This file-encrypting malware proved sophisticated enough to fly under the radar of conventional anti-malware defenses, and it is one of the malicious programs hackers prefer most.

Who discovered it?

Bart Blaze, a well-known security researcher, first discovered this type of ransomware attack being conducted via Facebook Messenger. Later, Peter Kruse, another security researcher with extensive experience in investigating cyber-crime, confirmed the news to reporters.
Bart Blaze wrote on his personal blog:
 “As always, be wary when someone sends you just an ‘image’ – especially when it is not how he or she would usually behave”. 
And Facebook has released the following statement in response to the discovery:
 “We maintain a number of automated systems to help stop harmful links and files from appearing on Facebook, and we are already blocking these ones from our platform. In our investigation, we determined that these were not, in fact, installing Locky malware—rather, they were associated with Chrome extensions. We have reported the bad browser extensions to the appropriate parties”. 

How does it spread?

To spread Locky ransomware, hackers are using a downloader called Nemucod. The downloader helps the ransomware bypass Facebook's security by pretending to be an .svg image file, and hackers are now delivering it through Facebook Messenger.
What is an .svg image file, and how do hackers spread ransomware through it? An SVG (Scalable Vector Graphics) file is an image format based on XML (Extensible Markup Language), so it is very easy to embed code from a harmful program in it.
In this case the hackers have embedded JavaScript. When you open the infected SVG file, the JavaScript directs you to a site that appears to be YouTube's landing page. It is not the real YouTube homepage but a clone site developed by the hackers; if you look at the URL, you will find that it is 100% different.
After the phishing site loads, you are asked to download and install a codec so that the desired video can be played. This codec is presented as a Chrome extension. If you install it, the attack is distributed to your friends via Facebook Messenger. At the same time the extension installs the Nemucod downloader, which immediately installs Locky on your system. After that, all personal files on your PC are encrypted (locked) by Locky, and it demands money in Bitcoin to decrypt them.

How to keep yourself safe from Locky ransomware infections?

To protect yourself from Locky, take some precautions to avoid trouble in the future. Following these rules strictly may decrease the chances of being hijacked by Locky:
1. Do not connect your PC, laptop, tablet etc. to a public WiFi hotspot.
2. Do not open any attachments in email or chat from unknown or suspicious senders.
3. Do not click any links in emails or chats from unknown senders.
4. Do not download any files attached to email or chat messages from unknown or suspicious senders.
5. Try to avoid visiting malicious sites.
6. Do not download or update software/apps from a third-party website or store.
7. Do not use any outdated or pirated software.
8. Install the WOT (Web of Trust) extension, and visit only websites that WOT shows as reputable.
9. Always keep your antivirus and Windows up to date.
10. You may use the Kaspersky anti-ransomware tool or the Bitdefender anti-ransomware tool for extra security.
11. Disable SMB v1, SMB v2, SMB v3 on Windows via registry editing. How to disable it? Read below.
12. Periodically set a restore point. After an attack you may be able to use System Restore to get back to a known-clean state.
13. Most important: always keep an offline backup of your data, or do cloud backups.


Tags: Hacks, Security, Ransomware, Malware, Facebook, News, Cyber Attack, Cyber Crime
