ImageGate is a recent form of ransomware that attempts to spread malware through images and graphic files on social media websites. It has been discovered by two security researchers at Check Point Software Technologies Ltd., Roman Ziskin and Dikla Barda. The ransomware works in the same way as Locky virus that automatically encrypts the victim’s files and demands a ransom in order to reveal the decryption key.
Considering the massive increase in the use of social media platforms, such as Facebook and LinkedIn, hackers are directing their focus on breaching the security of these websites. They are continually looking for ways to use these platforms as hosts to carry out their malicious activities.
How Does ImageGate Work?
According to the security researchers, ImageGate works by embedding malicious code into the image files and posting them on ‘white listed’ social media websites. The targeted image files usually have extensions other than ‘.jpg’ or ‘.jpeg’. The malware aims at manipulating the misconfigurations in the social media platforms to purposely compel the users to click on the image. Once the file has been downloaded and the user clicks to open it, all the files on the computer system are encrypted. In order to regain access to the locked files, the user is required to pay the hackers a certain amount as ransom in bitcoins.
Tips To Protect Against ImageGate Ransomware
- Make sure you do not click on any unidentified file downloaded to your computer system.
- If a file gets forcibly downloaded, do not open or execute it. You should carefully delete the file so that the ransomware is not able to infect the files stored on the device.
- You should avoid clicking and downloading images as well as graphic files from social media websites.
- Do not open image files that have unknown file extensions, particularly ‘.svg’, ‘.hta’ and ‘.js’.
- The anti-virus and anti-malware software on your computer should be regularly updated to stay protected against latest forms of ransomware.
- It is recommended to be vigilant while accessing your social networking accounts. Even a single malicious download can make you lose access to your device and all the files stored within it.
Centex Technologies provides complete cyber security solutions to the business organizations in Dallas, TX. For more information on ImageGate and other forms of malware, feel free to contact us at (972) 375 – 9654.
14. February 2017 05:26
URL shortening is quite a common trend over the internet. These URLs are helpful while sharing lengthy and complex links through instant messaging, emails or on websites that have a strict character limit, such as Twitter. When the user clicks on the shortened link, he is automatically redirected to the original URL. There are a number of URL shortening services available on the internet, some of the popular ones being bit.ly, goog.gl and tinyurl.com.
What exactly is URL shortening?
The concept behind URL shortening is simple. When you enter a long URL, it is encrypted by the use of an algorithm in order to produces another link with lesser number of characters. The shortened URL address is then mapped to the original link so that the user lands on the web page that he intended to visit.
Security risks associated with shortened URLs
- Link Manipulation: The first and foremost security risk is that a shortened URL hides the destination link. It means that there is no way to identify the landing page to which you will be redirected upon clicking the link. This is the reason why shortened URLs are used in various phishing scams. Hackers send these URLs embedded in emails or IMs so that the victim is not able to verify their authenticity.
- Ineffective Spam Filters: As the original URL is not visible, the spam filters cannot identify the potential threat and do not blacklist the email. The safe browsing features in popular web browsers warns the users if they are about to visit a phishing website. However, in case of shortened URLs, as the landing web page is not known, no warning is issued and the user is directed to the potentially spam website.
Tips to stay safe while using shortened URLs
- Many URL shortening services allow the users to check where a shortened URL will be redirected before they actually click on the link.
- Shortened URLs that take the users to a log in or sign up page should never be trusted. Instead, you should access all your online accounts by manually typing in the website’s address. Also, verify that the URL begins with ‘https’ instead of ‘http’.
We, at Centex Technologies, offer effective IT security solutions to business firms in Dallas, TX. For more details, feel free to call us at (972) 375 – 9654.