SMT BLOG

Security researchers have discovered an attack that uses Facebook Messenger to spread Locky malware. In a short period of time, Locky has become one of spammers' favorite ransomware strains. It usually spreads via spam emails carrying a disguised downloader.

This attack was first discovered by malware researcher Bart Blaze. Surprisingly, the malware manages to bypass Facebook’s file extension filter.

The hackers are spreading this ransomware using an .SVG image file. So, if you receive one that looks like the one shown ahead, avoid clicking it. I myself got this ransomware in my inbox via a friend.

How does an image carry Locky ransomware?

For those who don’t know, an .SVG file is an XML-based vector image format with support for animation and interactivity. This means that it can carry embedded content, such as JavaScript. The file being shared here contains a heavily obfuscated script that redirects the victim to a shady website, which prompts them to install an additional browser extension.

This malware appears to be used to download more malware onto a system. In their investigations, the security researchers found Locky ransomware as the payload.

Remove the malicious extension immediately:

The extension has no icon, so it might seem invisible. It can have one of the following descriptions:

One ecavu futolaz corabination timefu episu voloda

Ubo oziha jisuyes oyemedu kira nego mosetiv zuhum

Users are advised to open the Extensions list from the Chrome menu and look for one of these descriptions. Clicking the remove button next to the extension will delete it.

Afterwards, change your Facebook password and run a deep antivirus scan. You are also requested to share this news with your friends and make them aware.
