Business IT

How malicious social media images are spreading ransomware

By Stephen Withers on Nov 26, 2016 6:28AM
How malicious social media images are spreading ransomware

Editor's Picks

5 essential digital transformation ideas

Top 5 Benefits of Managed IT Services

Venom BlackBook Zero 15 Phantom

Facebook, LinkedIn or Instagram? Social media success isn’t one size fits all

Facebook and LinkedIn are being used to spread malware including the Locky ransomware, according to a security provider.

Cyber criminals have found a way of crafting malicious image files that incorporate malware, according to researchers at security provider Check Point Software Technologies. And because these files appear to be images, they are accepted by many services.

The crims also found that misconfigured software at Facebook, LinkedIn and other major websites and social networks could be exploited to cause these files to be downloaded rather than merely displayed in visitors' browsers.

If the user then opens the downloaded file, the malware springs into action. Locky, for example, encrypts files on the system until the user pays a ransom.

Check Point has made this video to show how the process – dubbed ImageGate – works:

Newsletter Signup

Get the latest business tech news, reviews and guides delivered to your inbox.

I have read and accept the privacy policy and terms and conditions and by submitting my email address I agree to receive the Business IT newsletter and receive special offers on behalf of Business IT, nextmedia and its valued partners. We will not share your details with third parties.

The company alerted Facebook and LinkedIn in September, and will not fully disclose details to the public until all the major sites affected have fixed the problem.

The malware campaign is still active, so Check Point says there are two measures you should take:

  1. 1. If you have clicked on an image and your browser starts downloading a file, do not open it. Any social media website should display the picture without downloading any file.
  2. 2. Don't open any image file with unusual extension (such as SVG, JS or HTA).
Copyright © BIT (Business IT). All rights reserved.
Tags:
check point software ransomware security services social media
By Stephen Withers
Nov 26 2016
6:28AM
0 Comments

Related Articles

  • Ransomware: what SMBs needs to know
  • Why 2022 presents a year of increasing cybersecurity challenges
  • Under ransomware DDoS attack? Four tips to help your business navigate
  • The hidden costs of ransomware
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

5 essential digital transformation ideas

5 essential digital transformation ideas

Venom BlackBook Zero 15 Phantom

Venom BlackBook Zero 15 Phantom

Managers should be looking out for staff over these difficult weeks of short staffing

Managers should be looking out for staff over these difficult weeks of short staffing

Facebook, LinkedIn or Instagram? Social media success isn’t one size fits all

Facebook, LinkedIn or Instagram? Social media success isn’t one size fits all

Poll

What would you like to see more of on BiT?
News
Reviews
Features
How To's
Lollies
Photo Galleries
Videos
Opinion
View poll archive
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.