Beware of new image files you didn’t download: They may launch ‘Locky’ ransomware

If you see a new image or graphic file on your computer that you don’t recall downloading, do not open it. The Locky ransomware program has moved on from MS Office Word to Facebook and LinkedIn vulnerabilities, and is now putting files on your computer that can lock you out of your data, according to Ars Technica.

Earlier this year Locky arrived on computers via a “malicious macro” in a Word document. In the last week, however, Ars Technica quotes Israeli security company Check Point reporting a “massive spread of the Locky ransomware via social media, particularly in its Facebook-based campaign.”

Typically what happens is that when you click on an image thumbnail, rather than displaying the image in a separate window, the file automatically downloads. It would be natural for most people to then click on the downloaded image — and that’s what executes the Locky code and immediately locks up all your files and demands ransom.

Vulnerabilities in Facebook and LinkedIn have been exploited by the perpetrators of the Locky attack, according to Check Point. “The attackers have built a new capability to embed malicious code into an image file and successfully upload it to the social media website. The attackers exploit a misconfiguration on the social media infrastructure to deliberately force their victims to download the image file. This results in infection of the users’ device as soon as the end user clicks on the downloaded file.”

When Locky is activated on your computer the ransomware locks you out of your files. The only way to retrieve your data is by paying a ransom, hence the term ‘ransomware.’ Ars Technica reports the current ransom to unlock a user’s computer is about half a bitcoin, or $365.

Check Point stated it previously informed Facebook and LinkedIn of the vulnerability currently being used in the ransomware attack, but won’t make the details public until those social media and other major sites fix the security flaw.

The security firm’s recommendations to consumers are: “If you have clicked on an image and your browser starts downloading a file, do not open it. Any social media website should display the picture without downloading any file. Don’t open any image file with unusual extension (such as SVG, JS or HTA).” Note, however, that the file extension could also be JPG, PNG, or any other common format.

The bottom line for avoiding this particular Locky attack: if you click on an image and it starts to download, do not open the downloaded file on your computer.
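As an added illustration of Check Point's advice (this is example code written for this page, not from Check Point or Ars Technica), the script below flags files in a folder that carry the extensions named above (SVG, JS, HTA) and, going one step beyond the quoted advice, checks whether a file named as JPG, PNG or GIF actually begins with that format's signature. The function names and sample files are constructed for the example; a matching signature does not prove a file is safe.

```python
import os
import tempfile

# Extensions Check Point's advice singles out as unusual for an "image".
RISKY_EXT = {".svg", ".js", ".hta"}
# Leading bytes (file signatures) of common image formats.
MAGIC = {
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".gif": (b"GIF87a", b"GIF89a"),
}

def classify(path):
    """Return 'risky-extension', 'content-mismatch', 'image-signature-ok' or 'other'."""
    ext = os.path.splitext(path)[1].lower()  # last extension, case-insensitive
    if ext in RISKY_EXT:
        return "risky-extension"
    if ext in MAGIC:
        with open(path, "rb") as fh:
            head = fh.read(8)
        if head.startswith(MAGIC[ext]):
            return "image-signature-ok"
        return "content-mismatch"  # named like an image, but the bytes disagree
    return "other"

def scan(folder):
    """Classify every regular file directly inside folder."""
    paths = ((n, os.path.join(folder, n)) for n in sorted(os.listdir(folder)))
    return {n: classify(p) for n, p in paths if os.path.isfile(p)}

def demo():
    """Write constructed sample files to a temporary folder and scan them."""
    samples = {
        "holiday.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,  # real PNG signature
        "photo.jpg": b"<html>not an image</html>",           # wrong content
        "picture.svg": b"<svg xmlns='http://www.w3.org/2000/svg'/>",
        "image.HTA": b"<hta:application/>",
        "notes.txt": b"plain text",
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in samples.items():
            with open(os.path.join(tmp, name), "wb") as fh:
                fh.write(data)
        return scan(tmp)

if __name__ == "__main__":
    print(demo())
```

To check a real downloads folder, call `scan()` with its path and review anything reported as `risky-extension` or `content-mismatch` before opening it.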

Bruce Brown
Digital Trends Contributing Editor Bruce Brown is a member of the Smart Homes and Commerce teams. Bruce uses smart devices…