Beware of new image files you didn’t download: They may launch ‘Locky’ ransomware. Locky arrived on computers via a “malicious macro” in a Word document. Locky has now spread to social media sites such as Facebook.
Typically what happens is that when you click on an image thumbnail, rather than displaying the image in a separate window, the file automatically downloads. It would be natural for most people to then click on the downloaded image — and that’s what executes the Locky code and immediately locks up all your files and demands ransom.
Thank you for the information on Locky! I actually just came across this particular malware in a different article, Apparently, locky was the 2nd most utilized malware in both September and October, However, the article didn’t provide any information regarding how locky is delivered or how to protect against it.
It’s really disappointing that Facebook and LinkedIn could be vulnerable to such a common form of malware, putting millions and millions of users potentially at risk. I could be more sympathetic to a zero day vulnerability, but Locky is a very common form of malware that should be recognized by these social media giants.
I even came across this article and it tells that the this malicious malware converts the file on your PC to .locky extension .This then encrypts all file and ask for bitcoins for payments for decrypting them.
The best way to keep away from locky is to enable macros in documents received by mail.
The application microsoft office if used for opening documents automatically keeps the macro disabled.
Coincidentally, a friend of mine was explaining me something similar happened at that person’s job. An attacker launched a malicious code to the small business’ server and encrypted everything. It looks like the hacker utilized this same method to get into the system. I advised them to unplugged the server from the network, keep it turned on and reach out to their legal team since they did not have proper IRP and DRP plans. They are now working on developing those plans.