Leave a comment

Top Story: Watch out! Facebook spreading ransomware!

Top Story: Watch out! Facebook spreading ransomware!

NOTE: This news article has been updated with the latest information. Click here to read this updated news article now.

Ransomware has been the fastest growing cybercrime of the year. The FBI says cybercriminals could rake in almost $1 billion from these attacks in 2016 alone. Yikes!

These types of attacks become extra dangerous when mixed with one of the most popular sites in the world. That makes this new ransomware attack that is spreading through a Facebook app so horrifying.

Ransomware is quickly becoming the common cybercriminals favorite method of attack. That's because it is easy to mass deploy, payoffs can be massive, and with the use of Bitcoin as currency, payment exchanges can be virtually anonymous.

We've just learned of a ransomware attack that is being deployed through Facebook Messenger. What's worse is that it's a form of Locky ransomware, which has no decryption program to get rid of it. We've warned you before of the dangers of Locky ransomware.

What to watch out for

Here is what you need to watch out for with this ransomware attack:

People are receiving strange messages through Facebook Messenger that only contain an image. It looks like a photo is sent as an attachment that you need to click on to view. The fake photo ends in .svg.

The photo is actually a Scalable Vector Graphic (SVG) file. It's not a real photo; instead, it's a JavaScript attack.

If you try opening this file, you will be directed to a fake YouTube site with a video from Facebook. You will then be asked to install a Chrome extension so that you can watch the video. Here is what the fake YouTube site with Chrome extension looks like:

extension

photo credit: Bartblaze

Warning! This Chrome extension is malicious and could install malware onto your gadget. The malicious downloader is known as Necumod, which would be used to download the Locky ransomware.

What you should do

  • Do not click on an SVG file - If you get one of these messages through Facebook Messenger, do not click on the photo.
  • Warn your friends - If you get a message with the SVG file, more than likely your friend has been hacked. Let them know immediately so they can warn others not to click on the malicious link.
  • Deny Chrome Extension - If you do click on one of these SVG files by mistake, you still have time to avoid the ransomware. When you are directed to the fake YouTube site and are asked to install the Chrome Extension, do NOT do it.
  • On your browser, click menu.
  • Select More Tools >> Extensions.
  • On the extension you want to remove, click Remove from Chrome.
  • A notice to remove the extension will appear. Click Remove.
  • Remove the extension - If you went as far as installing this malicious extension, remove it immediately. Here are the steps to remove it:
    • On your browser, click Menu.
    • Select More Tools >> Extensions.
    • On the extension you want to remove, click Remove from Chrome. It's the button that looks like a trash can.
    • A notice to remove the extension will appear. Click Remove.
  • Protect your gadget with internet security software

 

More news stories you can't miss:

How to speed up a slow phone in 5 minutes or less

7 secret iOS 10 features used by the pros

New Amazon phishing scam spreading like wildfire!

Source: Tomsguide
Apple will replace these faulty iPhone batteries
Previous Happening Now

Apple will replace these faulty iPhone batteries

Check your kids' phones for this dangerous app right now
Next Happening Now

Check your kids' phones for this dangerous app right now

View Comments ()