Facebook Messenger spreads Locky ransomware2016-11-23 03:14 by DanielaTags: Facebook, Locky, ransomware
A new Facebook scam campaign spreads among users the Nemucod malware downloader, which can install the Locky ransomware. Users receive a link in Messenger that is sent from hijacked accounts to all of a victims' friends. The link appears to be for a photo saved in the new SVG format. But it is in fact malicious and clicking on it takes unsuspecting users to a fake version of YouTube's website, which asks them to add a Chrome extension to their browser in order to watch a video. As with other ransomware, once activated Locky encrypts files on the infected machine and connected local networks before issuing a ransom demand for payment in bitcoin for them to be decrypted. The attack methodology was discovered by security researcher Bart Blaze, and has been acknowledged by Facebook. "We maintain a number of automated systems to help stop harmful links and files from appearing on Facebook, and we are already blocking these ones from our platform," said a spokesperson. "In our investigation, we determined that these were not, in fact, installing Locky malware-rather, they were associated with Chrome extensions. We have reported the bad browser extensions to the appropriate parties." Read more -here-
Post your review/comments
rate:
avg:
|