Facebook, LinkedIn Images Plagued With Malware

By Yuz Mitra, | December 14, 2016

A report by Check Point revealed that hackers are now using images to spread malware. (Christiaan Colen/CC BY-SA 2.0)

A report by Check Point revealed that hackers are now using images to spread malware. (Christiaan Colen/CC BY-SA 2.0)

Hackers have become more creative in the way they spread infectious files, even with the increased vigilance of web users.

A report by Check Point revealed that hackers are now using images to spread malware. The main target of these infected malware is Facebook and LinkedIn images. Check Point's research has identified the new attack method as ImageGate.

Like Us on Facebook

The creators of ImageGate apparently have developed a new method of embedding malicious and ill-purposed code into image files, which come in the form of unusual extensions not normally used by ordinary users, such as SVG, HTA or JS. The code can also be put in the most common JPG and PNG forms, which users upload to these social media websites. The program exploits misconfigurations in the infrastructure setting of the social network website which creates a scenario that forces users to download the infected image files. Upon downloading and setting in the users' local memory storage, it will spread the malware to machines once clicked.

Check Point researchers believe that with ImageGate, a variant of the Locky ransomware is being propagated.

For those who are unaware of what Locky is, it is the same ransomware that was used to hold all the medical data of a Kentucky Hospital in March. It was only in July that a website was launched to provide a solution to this program, but even that product is not 100 percent able to take care of the problem.

To protect yourself from falling prey to Locky, as propagated through any method, such as ImageGate, the most important thing you need to remember is to never open a suspicious file. It sounds pretty simple enough but still a lot of people fail to do so. Keep in mind that even if it was downloaded, as long as you do not click or open the infected file, the ransomware will stay in its packaged form and will not be able to spread into your device. And it can be easily and safely deleted in that form.


©2024 Telegiz All rights reserved. Do not reproduce without permission
Real Time Analytics