Beware! Locky Ransomware Is Now Using JPEG/JPG Images

Recently that hackers are using Facebook Messenger to spread the ransomware using .SVG files. Now, security researchers have identified that hackers are using .JPG images to distributed harmful code of Locky Ransomware using social media platforms like Facebook and LinkedIn.

The researchers have discovered a misconfiguration in the infrastructure of these social networks that force the users to download the image files. This situation has become more dangerous as the attackers have figured out a way to embed dangerous code in the image files.

Check Point has already updated Facebook and LinkedIn regarding the new attack vector in September.

The security firm has also shared a demo video of Locky Ransomware “ImageGate” on its YouTube channel:

As more and more people are joining social networks, cyber criminals are focusing on using new techniques like ransomware. The new and inexperienced users easily fall into their traps.

Check Point also recommends a couple of preventive measures to fight against Locky Ransomware:

  • Just in case you’ve downloaded this file, don’t open it. Social media websites show the picture preview without downloading any file.
  • Don’t open images with unusual extensions like SVG, JS, or HTA.