Digital security firm Malwarebytes conducted an analysis of Locky earlier this year, concluding "it is well prepared, which means that the threat actor behind it has invested sufficient resources for it, including its mature infrastructure." Locky hit a Kentucky hospital for medical data back in July. Shit is scary.
But using Locky through images is entirely new, and potentially even scarier. Check Point even referred to its findings as ImageGate.
That said, Facebook and LinkedIn aren't fretting over it
Facebook, for its part, denied any vulnerability to Ars Technica, and also denied the tie to Locky. Instead, it blames bad Chrome extensions. Here's the company's full statement:
This analysis is incorrect. There is no connection to Locky or any other ransomware, and this is not appearing on Messenger or Facebook. We investigated these reports and discovered there were several bad Chrome extensions, which we have been blocking for nearly a week. We also reported the bad browser extensions to the appropriate parties.
After Thrillist reached out to LinkedIn, a spokesperson provided us with this: