A disturbing ransomware has successfully hacked Facebook and LinkedIn to allow images to target and attack a user's gadget.
According to NDTV, the ransomware can target anyone because it has a "new attack vector" called "ImageGate."
What ImageGate does is it adds an embedded malware to the graphic files and uses a malicious code through the images. As per Check Point Software Technologies research, ImageGate was only successful in Facebook and LinkedIn. So far, no other social media sites were affected by ImageGate.
Nonetheless, this is still a big threat with Facebook being the top social media site in the world.
ImageGate creators "exploit a misconfiguration on the social media infrastructure to deliberately force their victims to download the image file.
"This results in infection of the users' device as soon as the end-user clicks on the download file."
Check Point also noted that the timing for this was also suspicious. Another malware called "Locky" was also released via social media. "Locky" was also largely campaigned in Facebook.
"Locky" was a dangerous malware. Once the user downloads and opens the file they received, all of their personal files in their devices will be automatically encrypted. That means the hackers can gain access to the user's data, unless a "ransom" is paid.
"As more people spend time on social networking sites, hackers have turned their focus to find a way in to these platforms. Cyber criminals understand these sites are usually 'white listed', and for this reason, they are continually searching for new techniques to use social media as hosts for their malicious activities. To protect users against the most advanced threats, Check Point strives to identify where attackers will strike next."
Check Point warns users with the emergence of these attacks. They said that to be safe, users should not automatically download a picture they do not see on social media.
"Any social media website should display the picture without downloading any file," according to Check Point.
The researchers also noted that file extension types such as SVG, JS or HTA are not to be trusted.
Meanwhile, Facebook spokesperson said it might not be caused by the malware. Instead, it could be because of bad Chrome extensions.
"We investigated these reports and discovered there were several bad Chrome extensions, which we have been blocking for almost a week," said Facebook.
