Malware can attack computers through social networks too if not only from browser or operating system. In a new report from researchers at Check Point a known ransomware named Locky is revealed taking advantage of flaws in the way LinkedIn and Facebook are hanlding images.
There’s a trick used that forces browser to download a maliciously coded image file to further facilitate hijacking of computer system the moment one opens it.
If one is aware and do not open the file the Locky code won’t affect the system as it is just a pedestrian.
The sad part of today’s anti-virus or such malware-blocking software or app is that they explicitly trust big social networks including Facebook and LinkedIn. Also, many users don’t worry about downloads from such social sites.
Check Point added they had informed both the social giants about the exploit in September this year and it is not yet known whether fixes have been processed.
However, a Facebook spokesperson said the report is wrong and is not in the case of ransomeware, but are bad Chrome extensions propagating a scam by messaging to others.
The statement of Mark Zuckerberg company reads, “This analysis is incorrect. There is no connection to Locky or any other ransomware, and this is not appearing on Messenger or Facebook. We investigated these reports and discovered there were several bad Chrome extensions, which we have been blocking for nearly a week. We also reported the bad browser extensions to the appropriate parties.”