Nov 28, 2016 07:39 AM EST
Researchers discovered that a certain ransomware can high-jack computers through the user's Facebook or LinkedIn account.
Check Point researchers discovered that a ransomeware called Locky uses the flaws of Facebook and LinkedIn to infect the PCs of the users of those social media platforms, Engadget reported.
Before, people thought malware can only penetrate devices through browser- and OS- based loopholes. Now, according to researchers from Check Point, Locky will trick users to download images with malicious codes. Upon opening these images, PC files of the user will get encrypted, and they have to pay up to fix them.
Attacks are done on the Delivery Mechanism
It is easy to spot and avoid Locky code by simply not opening the file. However, experts are worried more about the delivery mechanism. Most security apps are not very particular with big social networks, because they believe that these sites have enough budgets for their security. Because of this, people are not worried about downloading files from Facebook.
Locky targets delivery mechanisms in some of the biggest social network sites in the world, Digital Spy reported. This is a sneaky and smart way for this malicious entity to attack OS-based systems.
Facebook Denies Locky Exsists
Check Point has alerted Facebook and LinkedIn about this malware in September, but there are no reports if fixes have been done.
According to a Facebook spokesperson, this problem is not caused by a ransomeware, but from really bad Chrome extensions. This problem spread a scam, but was already blocked a few days ago.
The analysis about Locky is incorrect, according to the spokesperson. They said they have investigated these reports and found out that there were a number of bad Chrome extensions.
Check Point still pointed out that it would be best to be wary of download that users are not expecting from these social network sites.