
Beware of new image files you didn’t download: They may launch ‘Locky’ ransomware

If you see a new image or graphic file on your computer that you don’t recall downloading, do not open it. The Locky ransomware program has moved on from MS Office Word to Facebook and LinkedIn vulnerabilities, and is now putting files on your computer that can lock you out of your data, according to Ars Technica.

Earlier this year Locky arrived on computers via a “malicious macro” in a Word document. In the last week, however, Ars Technica quotes Israeli security company Check Point reporting a “massive spread of the Locky ransomware via social media, particularly in its Facebook-based campaign.”

Typically what happens is that when you click on an image thumbnail, rather than displaying the image in a separate window, the file automatically downloads. It would be natural for most people to then click on the downloaded image — and that’s what executes the Locky code and immediately locks up all your files and demands ransom.

Vulnerabilities in Facebook and LinkedIn have been exploited by the perpetrators of the Locky attack, according to Check Point. “The attackers have built a new capability to embed malicious code into an image file and successfully upload it to the social media website. The attackers exploit a misconfiguration on the social media infrastructure to deliberately force their victims to download the image file. This results in infection of the users’ device as soon as the end user clicks on the downloaded file.”

When Locky is activated on your computer the ransomware locks you out of your files. The only way to retrieve your data is by paying a ransom, hence the term ‘ransomware.’ Ars Technica reports the current ransom to unlock a user’s computer is about half a bitcoin, or $365.

Check Point stated it previously informed Facebook and LinkedIn of the vulnerability currently being used in the ransomware attack, but won’t make the details public until those social media and other major sites fix the security flaw.

The security firm’s recommendations to consumers are: “If you have clicked on an image and your browser starts downloading a file, do not open it. Any social media website should display the picture without downloading any file. Don’t open any image file with unusual extension (such as SVG, JS or HTA).” Note, however, that the file extension could also be JPG, PNG, or any other common form.
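As an added illustration of that advice (not code from Check Point or the article), the sketch below triages a download folder: it flags the extensions named in the quote, and, because the extension may also be JPG or PNG, flags files whose leading bytes do not match the image type they claim. The function names and the sample files are constructed for this example.

```python
import tempfile
from pathlib import Path

# Extensions the advice quoted above calls unusual for an image.
RISKY_EXTS = {".svg", ".js", ".hta"}
# Well-known leading bytes of common raster formats.
IMAGE_MAGIC = {
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".gif": (b"GIF87a", b"GIF89a"),
}


def classify(path: Path) -> str:
    """Return 'risky-extension', 'content-mismatch', 'ok' or 'not-image'."""
    ext = path.suffix.lower()
    if ext in RISKY_EXTS:
        return "risky-extension"
    if ext not in IMAGE_MAGIC:
        return "not-image"
    with path.open("rb") as fh:
        head = fh.read(16)
    if head.startswith(IMAGE_MAGIC[ext]):
        return "ok"
    return "content-mismatch"


def triage(folder: Path) -> dict:
    """Map each flagged file name in folder to the reason it was flagged."""
    verdicts = {p.name: classify(p) for p in sorted(folder.iterdir()) if p.is_file()}
    return {n: v for n, v in verdicts.items() if v not in ("ok", "not-image")}


def demo() -> dict:
    """Run triage over constructed sample files (harmless placeholders)."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "holiday.png").write_bytes(b"\x89PNG\r\n\x1a\n" + b"\x00" * 8)
        (root / "photo.jpg").write_bytes(b"MZ constructed, not a JPEG")
        (root / "card.svg").write_text("<svg xmlns='http://www.w3.org/2000/svg'/>")
        (root / "notes.txt").write_text("constructed sample")
        return triage(root)


if __name__ == "__main__":
    for name, why in demo().items():
        print(f"{name}: {why}")
```

A file that passes this check is not thereby safe: the attack described above embeds code in an image file, so the check only catches the unusual-extension and mismatched-content cases.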

The bottom line for avoiding this particular Locky attack: if you click on an image and it starts to download, whatever you do, do not open the image file on your computer.

Bruce Brown
Digital Trends Contributing Editor Bruce Brown is a member of the Smart Homes and Commerce teams. Bruce uses smart devices…