Tuesday, December 24, 2024
HomeRansomwareLocky Ransomware spreading through Facebook Messenger Via SVG File

Locky Ransomware spreading through Facebook Messenger Via SVG File

Published on

SIEM as a Service

SVG(Scalable Vector Graphics) send by your friend may have Locky Ransomwares, avoid clicking it. By appending the Ransomware to an image file can Bypass Facebook security framework pretending to be an image file.

SVG (Scalable Vector Graphics):

SVG is an XML-based vector image format for two-dimensional graphicswith support for interactivity and animation. The SVGspecification is an open standard developed by the World Wide Web Consortium (W3C) since 1999. SVGimages and their behaviors are defined in XML text files.

Ransomware:

A type of malicious software designed to block access to a computer system until a sum of money is paid.

- Advertisement - SIEM as a Service
Why make’s it as a Dropper?

SVG images can be created and edited with any text editor, more often they are created directly with a software that elaborates the images.More specifically, this means that you can embed any content you want (such as JavaScript), additionally, any modern browser will therefore able to open this file.

How do we Remove Malicious Extensions 

Firefox and Chrome has already blocked this extension and we hope Facebook will do that soon. Suppose if you are tricked into installing in this malware file you should remove them immediately.

To remove the offending extension, just go to Menu → More Tools → Extensions and check for the extension and remove it.Even worse, if you were infected with the ransomeware the only way is to restore the files. Stay safe.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Node.js systeminformation Package Vulnerability Exposes Millions of Systems to RCE Attacks

A critical command injection vulnerability in the popular systeminformation npm package has recently been disclosed, exposing...

Skuld Malware Using Weaponized Windows Utilities Packages To Deliver Malware

Researchers discovered a malware campaign targeting the npm ecosystem, distributing the Skuld info stealer...

BellaCiao, A new .NET Malware With Advanced Sophisticated Techniques

An investigation revealed an intrusion in Asia involving the BellaCiao .NET malware, as the...

Malicious Apps On Amazon Appstore Records Screen And Interecpt OTP Verifications

A seemingly benign health app, "BMI CalculationVsn," was found on the Amazon App Store,...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

17M Patient Records Stolen in Ransomware Attack on Three California Hospitals

A staggering 17 million patient records, containing sensitive personal and medical information, have been...

NotLockBit – Previously Unknown Ransomware Attack Windows & macOS

A new and advanced ransomware family, dubbed NotLockBit, has emerged as a significant threat...

US Charged Chinese Hackers for Exploiting Thousands of Firewall

The US Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned Sichuan Silence...