Hackers are using Facebook Messenger to harm users by sending them Locky ransomware. The ransomware arrives in the form of an .SVG file that lures users into downloading malware. If you are facing this problem, check whether there is any unknown extension installed in Chrome. If there is, remove it promptly.
The extension may be hidden, so also check each extension's description to find and remove it.
Earlier today when I logged into my Facebook account I received a message from one of my friends. The screenshot of this message is given below. It seemed suspicious as it was an .SVG file and I never receive such a file from any of my friends.
When the user clicks on this file, it is automatically downloaded to the user's system.
When the user clicks on the downloaded file, it redirects them to a malicious website, which either asks the user to add an extension to Chrome or installs the extension on the user's system automatically.
The downloaded file may redirect the user to this path.
After searching for this issue I came to know the message was actually Locky ransomware. The Locky ransomware attack was first recognized by Bart Blaze, a cyber security and malware researcher. Using this ransomware, the attacker sends a file and lures the user into clicking on it. If the user clicks on the file, it leads them to a malicious website. An .SVG file is an XML-based vector image, and code can be embedded in it to fool a user. The file actually contains malicious JS code that redirects the user to a malicious website, which asks the user to add an extension to Chrome.
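Because an SVG is XML, a received file can be checked for script-capable content without opening it in a browser. The following Python triage script is an added example, not part of the original post; the sample SVG, the `scan_svg` name and the `redirect.example` URL are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: an SVG "image" carrying an inline script, an event
# handler and a javascript: link. The URL is a placeholder.
SAMPLE_SVG = b"""<svg xmlns="http://www.w3.org/2000/svg"
     xmlns:xlink="http://www.w3.org/1999/xlink" onload="go()">
  <script type="text/javascript"><![CDATA[
    function go() { window.location = "https://redirect.example/"; }
  ]]></script>
  <a xlink:href="javascript:go()"><circle r="10"/></a>
</svg>"""

CLEAN_SVG = b'<svg xmlns="http://www.w3.org/2000/svg"><circle r="10"/></svg>'

# Elements that can run or host active content inside an SVG.
ACTIVE_TAGS = {"script", "foreignobject", "iframe", "embed", "object"}


def local(name):
    """Strip the '{namespace}' prefix ElementTree puts on names."""
    return name.rsplit("}", 1)[-1].lower()


def scan_svg(data):
    """Return a list of (kind, detail) findings for active content in an SVG."""
    # Do not expand entities from untrusted input (entity-expansion bombs).
    if b"<!ENTITY" in data.upper():
        return [("entity-declaration", "not parsed")]
    try:
        root = ET.fromstring(data)
    except ET.ParseError as exc:
        return [("malformed-xml", str(exc))]
    findings = []
    for elem in root.iter():
        tag = local(elem.tag)
        if tag in ACTIVE_TAGS:
            findings.append(("active-element", tag))
        for attr, value in elem.attrib.items():
            name = local(attr)
            if name.startswith("on"):  # onload, onclick, ...
                findings.append(("event-handler", f"{tag}@{name}"))
            elif name in ("href", "src") and \
                    value.strip().lower().startswith("javascript:"):
                findings.append(("script-url", f"{tag}@{name}"))
    return findings


if __name__ == "__main__":
    for kind, detail in scan_svg(SAMPLE_SVG):
        print(f"{kind}: {detail}")
```

An empty result only means none of these markers were found; it does not prove the file is safe.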
If you guys receive any such message, don't click on it. And don't forget to check your Chrome extensions; if there is any unknown extension, remove it. Change your Facebook account's password and run a full system scan. And don't forget to share this with your friends if you want to let them know about this malicious attack.