Spammers using Facebook Messenger to Spread Ransomware

If you came across any Facebook Message with an image file send by any of your Facebook friends, just avoid clicking it.

An ongoing Facebook spam campaign is spreading malware downloader among Facebook users by taking advantage of innocent-looking image file to infect computers.

If clicked, the file would eventually infect your PC with the nasty Ransomware, a family of malware that has quickly become one of the favorite tools among criminals due to its infecting capabilities.

Like a typical way to deliver malware infection, the site would push a popup, asking you to download and install a certain codec extension in Google Chrome in order to view the video. The malicious extension used two names, Ubo and One.

Ransomware is malware that locks your computer or encrypts your files. You can’t get the data back unless you pay a ransom, and even if you do, there’s no guarantee that you’ll get your data back.

After this sort of infection the only way to roll back in time is to restore your backups.

Article of Swati Khandelwal at http://thehackernews.com/2016/11/locky-ransomware-facebook.html

More about in Locky: the encryptor taking the world by storm – https://securelist.com/blog/research/74398/locky-the-encryptor-taking-the-world-by-storm/

 

Advertisements

Passwords – Hashes to Ashes (by K7)

This is the fourth part of the blog series on cyber security, continuing from its third part on Scareware, RogueAV and Ransomware, focussing on the dangers of choosing weak passwords and the consequences of recycling the same password across different online accounts, and a few tips on how to determine a suitably strong password.

In today’s digital age, people’s lives seem to revolve around passwords.  Passwords to online portals play an important role in securing access to a user’s online information, whether financial, professional or personal. Hence, users are perennially advised to always secure their accounts with strong passwords.

Many online portals alert users about inadequate password strength when setting up the login credentials for a user account.  Some online portals may even enforce strong password before the account is set up. Users must consider password depth while deciding on an account’s password to avoid their passwords being hacked easily.

From a security perspective, using the same password for a user’s multiple accounts is dangerous, both for personal accounts as well as in a professional environment.  In this case a hacker need hack only one account to have the credentials to have access to the victim’s other accounts and the sensitive information held therein.

password1.jpg

Read rest of this important and interesting article at: http://blog.k7computing.com/2016/02/passwords-hashes-to-ashes-2/