As security firms across the oceans try to curb down cyber attacks every day, new forms of exploitation appear just as quickly.
A new sort of ransomware has been uncovered by the security firm Check Point, which comes in the form of image files downloaded through our social networks.
Cheekily dubbed “ImageGate” by the company, the new malware exploits the way networks such as Facebook, LinkedIn and Twitter handle images. The hacker only has to trick the user into downloading an infected image file from these networks, after its completion, there is little that can be done to prevent the ransomware from taking over the user’s PC.
“The attackers have built a new capability to embed malicious code into an image file and successfully upload it to the social media website.
The attackers exploit a misconfiguration on the social media infrastructure to deliberately force their victims to download the image file. This results in infection of the users’ device as soon as the end-user clicks on the downloaded file.”
The malware was first uncovered while Check Point was researching on Locky ransomware programs. This type of program targets the user via phishing attacks mainly and upon gaining access to the system, encrypts the user’s data before demanding some sort of ransom.
In this particular instance, things are less black and white and it appears on the internet in the form of benign images which you so commonly see on Facebook and Twitter. There is apparently no protection right now for this kind of a threat.
The best course of action is to check whether the image is actually viewable online. If say a file has already been downloaded in your computer with an unknown format, it is best not to open it.
