Locky Ransomware has been one of the strongest Ransomware strain, ever since it has appeared. Further, Ransomware authors have settled many more variants to the strain in order to spread menace.
Cybercriminals lurk around social media (more specifically Facebook and LinkedIn) with ImageGate Ransomware to attack users’. Ars Technica has said, “security flaws in the two social networks allow a maliciously coded image file to download itself to a user’s computer. Users who notice the download, and who then access the file, cause malicious code to install “Locky” ransomware onto their computers.”
Image containing viciousness has an unusually extension such as SVG, JS, or HTA. Upon clicking, the strain opens a separate Windows instead of any image. This further installs Locky Ransomware, which upon installation encrypts all files. Ars Technica has also said quoting Check Point, “The attackers have built a new capability to embed malicious code into an image file and successfully upload it to the social media website. The attackers exploit a misconfiguration on the social media infrastructure to deliberately force their victims to download the image file. This results in infection of the users’ device as soon as the end-user clicks on the downloaded file.
See Also: 5 Unusual Ransomware Stories
As more people spend time on social networking sites, hackers have turned their focus to find a way in to these platforms. Cyber criminals understand these sites are usually ‘white listed,’ and for this reason, they are continually searching for new techniques to use social media as hosts for their malicious activities.”
Locky Ransomware, typically encrypts the files and changes its extension to 16 unique digits followed by ‘.locky’. Earlier, Locky had used malicious macro in Word documents and spam e-mails to infect computers. However, any such thing isn’t required after this nasty ransomware images has been deployed. Currently, the said ransomware demands ransom for around $365.
Users’ are recommended not to click on any such file. A single click automatically downloads and installs Locky upon user’s system and lock them out from their own files. Check Point has also mentioned that even if a user has clicked on the images and browser has started downloading the file, do not open it.
See Also: 7 Biggest Ransomware Threats of 2016
Preventive Steps against Ransomware
While fighting back with Ransomware is next to impossible, one can take preventive measures so as to avoid Ransomware attacks. Security firms’ advice users to have a strong backup of all their data and to use authentic anti-virus or anti-malware tools. You should also regularly update your all program and software running on your system. This blocks the way for Ransomware looking for vulnerability in installed software.
To get a safe and secure backup of your files, you should use Ransomware Protector. It’s helps you have complete backup of your data by storing it on cloud security. When you upload your files, they are encrypted with 256-bit AES. This further ensure tight-knight security of your files.
Do take a backup of your data before Ransomware takes it off!