If you’re the type of Internet user to quickly open image files on social media channels such as Facebook Messenger, you may need to think twice the next time you do so. This is because Locky, an infamous ransomware strain, is currently being circulated around social media platforms such as Facebook and LinkedIn via an attack vector involving infected JPEG image files.
Check Point Systems recently identified Locky being distributed through the new attack vector currently known as ImageGate. What this new attack vector does is that it “embeds malware in image and graphic files” and allows the perpetrators to easily “exploit a misconfiguration on the social media infrastructure to deliberately force their victims to download the image file.”
As soon as the user clicks on the downloaded image, the malicious code is executed and the device becomes infected with the Locky ransomware. All files within the device are then encrypted and the extension .locky is then added to the filenames. The files become accessible only after the victims pay the ransom.
This was not the first time that Locky made the headlines this year. Last February, then a new variant of ransomware detected by Symantec as Trojan.Cryptolocker.AF, Locky was found being rapidly spread around through spam emails that are made to appear like invoices and contained malicious attachments. Files in infected computers and devices were then encrypted, with the perpetrators demanding ransom that ranged from 0.50 to 1 bitcoin.
To help end-users avoid getting infected with Locky, Check Point Systems suggests checking files, especially image files, carefully before clicking and avoiding those that have unusual extensions such as .svg, .js or .hta. Don’t open files that are automatically downloaded after clicking on an image.
Protect yourself with Hotspot Shield VPN for ransomware
The effects of Locky and other ransomware strains can be devastating. But as with other malicious software, protecting yourself from getting infected with ransomware is not that hard. All you need are consistent exercising of good judgment, frequent updates for your security software, and a virtual private network such as Hotspot Shield.
Hotspot Shield is a VPN for ransomware that protects your device from ransomware strains such as Locky. Hotspot Shield does this by alerting you if the link that you clicked is malware-infected, and then blocking that site. Hotspot Shield does this by cross checking the site using a database of more than 3.5 million known malware infected sites.
In addition to its free malware protection feature, Hotspot Shield VPN for ransomware also has other nifty features to make your browsing experience secure and more enjoyable. Hotspot Shield VPN allows you to access your favorite sites by letting you bypass territorial and local network restrictions. It uses advanced encryption technology to protect your information during transit and hides your IP address to keep you from snoopers. It also secure your sessions when using public hotspots for a worry-free online experience.
Enjoy worry-free social media browsing by downloading Hotspot Shield VPN today!
Hotspot Shield VPN for ransomware is free to download and is available for use with Windows, Mac, iOS and Android devices. To know more about it benefits, visit the Hotspot Shield website and read our other blog posts.