Hackers are getting bolder by the day as they pull off one massive cyber attack after another. The aggressive Gooligan malware, the massive security breach at Yahoo or even the alarming DDOS attack that temporarily shut down North American cyberspace. It has become impossible to ignore such criminal exploits, as seen with the new malware, Locky.
Sadly, their crime spree may not be slowing down anytime soon. In fact, we’re already getting news that hackers already have something sinister up their sleeves just as we’re done savoring Thanksgiving turkeys and Black Friday deals.
LinkedIn and Facebook images can be exploited to put malicious code on your computer, according to Israeli security firm, Check Point. And it’s one scary malware.
What’s This New Cyber Threat?
It goes by the name “Locky”. Don’t be fooled by this ransomware’s cheery name, though, because it’s one mean threat.
Once your computer is infected by Locky, it will encrypt the C: drive on your device. Consequently, you won’t be able to access your most important files and programs. Afterward, it will demand a ransom of about half a Bitcoin (equivalent to $378) in exchange for the decryption key. That’s just for starters.
The ransomware could do far worse if it hits you and you’re logged in as a domain administrator. It will encrypt any file in any directory on any removable drives as well as connected networks, servers or computers. You could very well be dealt with some serious damage.
How Do You Get Infected?
Hackers embed a malicious code into an image file first and upload them on social media like Facebook and LinkedIn. When they’ve successfully uploaded such pictures, victims are deliberately forced to download the image to view it. Locky would then be installed the second an unsuspecting user opens the corrupted file. That’s when the nightmare begins.
The ransomware used to be delivered in Microsoft Word documents via email. Security reports reveal that the brains behind Locky are beginning to exploit vulnerabilities in social media to maliciously spread it.
Are Facebook and LinkedIn Taking Action?
It turns out that they’ve caught wind of such threats and have taken steps to protect their respective platforms further. Both companies officially deny the vulnerability in their websites, however. While their statements may be reassuring, it won’t hurt being extra vigilant using social media nowadays.
How Do I Protect Myself from Locky?
Keeping your devices safe from this ransomware is as easy as not opening any suspicious files you’ve downloaded. Pay special attention to images with weird-looking extensions (e.g. HTA, JS, or SVG) and never attempt to open such files. As the saying goes, “curiosity killed the cat”.
A digital security firm lists down some things you can do to protect yourself against Locky, too.
We’ve been hearing news of a near-catastrophic breach in security a lot this year. Because hackers won’t be going away anytime soon, vigilance may be our only weapon to keep them at bay.
