What You Need to Know About the ImageGate Ransomware

ImageGate RansomwareRansomware is a form of malware that encrypts a user’s data and prevents them from accessing their personal files until they pay the hacker for their files back. Sometimes users are requested to pay hundreds of dollars in order to receive a decryption key. Usually, ransomware is transmitted through infected email links, malicious websites or popup messages.

 

Recently, security researchers at Check Point Software Technologies Ltd. have discovered a new malware attack method, called ImageGate. Since users typically spend a lot of time on social media and they trust them as safe websites,  hackers have discovered a way to bypass security controls of social media networks and have developed their focus into hacking these platforms.

 

ImageGate embeds malware onto image files on social media applications, such as Facebook and LinkedIn. ImageGate exploits misconfigurations in the social media infrastructure and forces users to download an infected image file. The attack requests user interaction, and as soon as the downloaded file is clicked, the user becomes infected with the ransomware. Once the user downloads and opens the corrupted file, all of the files on their PC are automatically encrypted and will only regain access to them after ransom has been paid.

 

Click here to watch the ImageGate demo.

 

ImageGate is similar to Locky Ransomware, which was discovered earlier this year and is known for encrypting files on a user’s computer through spreading SVG formatted files as part of a Facebook spam campaign that demanded a ransom for the decryption key.

 

Tips on How to Stay Protected Against ImageGate Ransomware:

  • If you receive an image randomly, do not click on it.
  • Beware of image files that have unusual extensions (such as.svg, .js, or .hta).
  • If you click on an image and your browser begins downloading a file, do not open it. Delete it immediately.
  • Ensure you have an updated antivirus and anti-malware software installed on your PC to ensure your protection against ransomware attacks

 

While waiting for Facebook and LinkedIn to improve their security controls, it is important to stay vigilant, be aware of ImageGate ransomware and to avoid opening unsolicited messages.