Thursday, May 15, 2025
HomeRansomwareLocky Ransomware spreading through Facebook Messenger Via SVG File

Locky Ransomware spreading through Facebook Messenger Via SVG File

Published on

SIEM as a Service

Follow Us on Google News

SVG(Scalable Vector Graphics) send by your friend may have Locky Ransomwares, avoid clicking it. By appending the Ransomware to an image file can Bypass Facebook security framework pretending to be an image file.

SVG (Scalable Vector Graphics):

SVG is an XML-based vector image format for two-dimensional graphicswith support for interactivity and animation. The SVGspecification is an open standard developed by the World Wide Web Consortium (W3C) since 1999. SVGimages and their behaviors are defined in XML text files.

Ransomware:

A type of malicious software designed to block access to a computer system until a sum of money is paid.

- Advertisement - Google News
Why make’s it as a Dropper?

SVG images can be created and edited with any text editor, more often they are created directly with a software that elaborates the images.More specifically, this means that you can embed any content you want (such as JavaScript), additionally, any modern browser will therefore able to open this file.

How do we Remove Malicious Extensions 

Firefox and Chrome has already blocked this extension and we hope Facebook will do that soon. Suppose if you are tricked into installing in this malware file you should remove them immediately.

To remove the offending extension, just go to Menu → More Tools → Extensions and check for the extension and remove it.Even worse, if you were infected with the ransomeware the only way is to restore the files. Stay safe.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Threat Actors Leverage Weaponized HTML Files to Deliver Horabot Malware

A recent discovery by FortiGuard Labs has unveiled a cunning phishing campaign orchestrated by...

TA406 Hackers Target Government Entities to Steal Login Credentials

The North Korean state-sponsored threat actor TA406, also tracked as Opal Sleet and Konni,...

Google Threat Intelligence Releases Actionable Threat Hunting Technique for Malicious .desktop Files

Google Threat Intelligence has unveiled a series of sophisticated threat hunting techniques to detect...

New Adobe Photoshop Vulnerability Enables Arbitrary Code Execution

Adobe has released critical security updates addressing three high-severity vulnerabilities (CVE-2025-30324, CVE-2025-30325, CVE-2025-30326) in...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Ransomware Attacks Surge by 123% Amid Evolving Tactics and Strategies

The 2025 Third-Party Breach Report from Black Kite highlights a staggering 123% surge in...

Cybercriminals Hide Undetectable Ransomware Inside JPG Images

A chilling new ransomware attack method has emerged, with hackers exploiting innocuous JPEG image...

New Mamona Ransomware Targets Windows Systems Using Abused Ping Command

Cybersecurity researchers are raising the alarm about a newly discovered commodity ransomware strain dubbed Mamona,...