Cyber Criminals now spreading ransomware through Facebook, LinkedIn

Paul Dughi
Published in Stronger Content
Nov 27, 2016

If you find a graphic or image on your computer and you don’t remember downloading it, stop before opening it! Experts have seen a dramatic increase in Locky ransomware being shared by unsuspecting victims, now through the social media platforms LinkedIn and Facebook.

Ransomware is insidious. It locks up your computer and the only way to unlock it is to pay a ransom.

Check Point, an Israeli security company, says it’s seen a massive spread of ransomware particularly in Facebook-based campaigns.

“The attackers have built a new capability to embed malicious code into an image file and successfully upload it to the social media website,” Check Point reported. “The attackers exploit a misconfiguration on the social media infrastructure to deliberately force their victims to download the image file. This results in infection of the users’ device as soon as the end-user clicks on the downloaded file.”

The hijackers are demanding to be paid in bitcoins. They’re asking for about half a bitcoin (or $365), according to the website Ars Technica.

Ransomware has been transmitted by users clicking on a link, and more recently, through visiting a website.

“These criminals have evolved over time and now bypass the need for an individual to click on a link. They do this by seeding legitimate websites with malicious code, taking advantage of unpatched software on end-user computers.” — FBI Cyber Division Assistant Director James Trainor

Now they’ve apparently moved on to social media.

The FBI says there’s not much you can do once it’s happened. They don’t suggest paying the ransom. “Paying a ransom doesn’t guarantee an organization that it will get its data back,” Trainor said. “We’ve seen cases where organizations never got a decryption key after having paid the ransom.”

Solving the crime rarely happens, although the FBI does target cyber criminals. There’s even a Top Ten Most Wanted list of cyber crooks on the FBI website.

FBI Top Ten Most Wanted Cyber Criminals

As for ransomware, “once it gets onto your computer, we do not have the technology to crack it and get your information back,” FBI Special Agent Scott Augenbaum told WAAY-TV.

“We’ve had cases here in Birmingham (Alabama) where people have paid and had their computer unlocked, and they got hit again, so bear in mind you’re dealing with a criminal.” — Paul Daymond with the FBI in Birmingham via WAAY-TV.

Check Point recommends the following preventive measures:

  1. If you have clicked on an image and your browser starts downloading a file, do not open it. Any social media website should display the picture without downloading any file.
  2. Don’t open any image file with an unusual extension (such as SVG, JS or HTA).
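
One way to apply these two checks to a downloads folder before anything is opened, as an added example that is not from the original article or from Check Point. It also flags files whose content does not match the image type their name claims, which goes slightly beyond the two listed measures. The function names, reason strings and sample files are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Extensions Check Point names as unusual for something offered as an image.
RISKY_EXT = {".svg", ".js", ".hta"}
# Leading bytes of common raster formats (JPEG, PNG, GIF).
IMAGE_MAGIC = {".jpg": b"\xff\xd8\xff", ".png": b"\x89PNG\r\n\x1a\n", ".gif": b"GIF8"}
# Heuristic for active content in an SVG (a triage hint, not a full XML parse).
SVG_ACTIVE = re.compile(rb"<\s*script\b|\bon(?:load|error|click)\s*=|javascript:", re.I)

def triage(path: Path) -> list[str]:
    """Return reasons not to open a downloaded file; empty list means none found."""
    suffixes = [s.lower() for s in path.suffixes]
    ext = suffixes[-1] if suffixes else ""
    with path.open("rb") as f:
        head = f.read(65536)  # the first 64 KiB is enough for these checks
    reasons = []
    if ext in RISKY_EXT:
        reasons.append(f"unusual extension {ext}")
        if len(suffixes) > 1 and suffixes[-2] in IMAGE_MAGIC:
            reasons.append("image-like name hides real extension")
    if ext == ".svg" and SVG_ACTIVE.search(head):
        reasons.append("SVG carries script")
    if ext in IMAGE_MAGIC and not head.startswith(IMAGE_MAGIC[ext]):
        reasons.append("content is not the image type the name claims")
    return reasons

def scan(folder: Path) -> dict[str, list[str]]:
    """Triage every regular file in a folder; return only the flagged ones."""
    found = {p.name: triage(p) for p in sorted(folder.iterdir()) if p.is_file()}
    return {name: why for name, why in found.items() if why}

def demo() -> dict[str, list[str]]:
    """Run scan() over constructed sample files (harmless placeholders)."""
    samples = {
        "photo.svg": b'<svg xmlns="http://www.w3.org/2000/svg"><script>/* placeholder */</script></svg>',
        "logo.svg": b'<svg xmlns="http://www.w3.org/2000/svg"><rect width="1" height="1"/></svg>',
        "holiday.jpg.hta": b"<html></html>",
        "cat.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,
        "dog.jpg": b"not really a JPEG",
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in samples.items():
            (Path(tmp) / name).write_bytes(data)
        return scan(Path(tmp))

if __name__ == "__main__":
    print("\n".join(f"{n}: {'; '.join(w)}" for n, w in demo().items()))
```

To check a real folder, call `scan(Path.home() / "Downloads")`; the script only reads files and never opens or executes them.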

The FBI recommends the following to protect your computer from ransomware:

  • Make sure you have updated antivirus software on your computer.
  • Enable automated patches for your operating system and web browser.
  • Have strong passwords, and don’t use the same passwords for everything.
  • Use a pop-up blocker.
  • Only download software — especially free software — from sites you know and trust (malware can also come in downloadable games, file-sharing programs, and customized toolbars).
  • Don’t open attachments in unsolicited e-mails, even if they come from people in your contact list, and never click on a URL contained in an unsolicited e-mail, even if you think it looks safe. Instead, close out the e-mail and go to the organization’s website directly.
  • Use the same precautions on your mobile phone as you would on your computer when using the Internet.
  • To prevent the loss of essential files due to a ransomware infection, it’s recommended that individuals and businesses always conduct regular system back-ups and store the backed-up data offline.
