Malware uses Facebook and LinkedIn images to hijack your PC

Malware doesn’t always have to attack your computer through browser- or OS-based exploits. Sometimes, it’s the social networks themselves that can be the problem. Researchers at Check Point have discovered that a variant of known ransomware, Locky, is taking advantage of flaws in the way Facebook and LinkedIn (among others) handle images in its bid to infect your PC. The trick forces your browser to download a maliciously coded image file that hijacks your system the moment you open it. If you do, your files are encrypted until you pay up.

While the actual Locky code is relatively pedestrian and easy to avoid if you’re aware (just don’t open the file), it’s the delivery mechanism that has analysts worried. Many security apps explicitly trust big social networks, and many people aren’t used to worrying about their downloads at sites like Facebook.
Check Point says it told Facebook and LinkedIn about the exploit in September, but it’s not clear that there are fixes in place. We’ve reached out to both companies to find out what the situation is right now. Whether or not you’re in the clear, this is a reminder that you can’t take the safety of social sites for granted — it’s a good idea to be wary of any downloads you weren’t expecting.