Some of my friends have asked me about a .svg file they received on FB Messenger,
so let me give you a description of the "Locky Ransomware" that is bound to that .svg file.
What is .svg?
Scalable Vector Graphics (SVG) is an XML-based vector image format for two-dimensional graphics with support for interactivity and animation. The SVG specification is an open standard developed by the World Wide Web Consortium (W3C) since 1999.
This means, more specifically, that you can embed any content you want (such as JavaScript). Moreover, any modern browser will therefore be able to open this file.
Here is the code of that .svg file:
//Only for Educational Purpose
http://pastebin.com/RDHb3mZF
What does this Locky Ransomware actually do?
It's a heavily obfuscated script which, after opening, redirects you to the following website:
http://www.kerman.pw/?fb_dsa
A website purporting to be YouTube, including a video from Facebook. Of course, you'll need to install an additional extension to view it.
The extension has no icon, so it seems invisible, and it has permission to read and change all the data on the sites you visit.
That was the rundown of how this "Locky Ransomware" works.
Now here are the tips on how to stay safe from this virus.
Removal
Remove the malicious extension from your browser immediately.
Additionally, run a scan with your antivirus and change your Facebook password afterwards.
Notify your friends that you sent a malicious file or, in the other case, let your friend know he/she is infected. If you keep receiving the same message from your friend, you may want to temporarily block their messages.