MEDIA ALERT: ImageGate: Check Point uncovers a new method for distributing malware through images
November 23 2016 - 3:50PM
Check Point® Software Technologies Ltd. (NASDAQ:CHKP) today
announced its security researchers have identified a new attack
vector, named ImageGate, which embeds malware in image and graphic
files. Furthermore, the researchers have discovered the hackers’
method of executing the malicious code within these images through
social media applications such as Facebook and LinkedIn.
According to the research, the attackers have built a new
capability to embed malicious code into an image file and
successfully upload it to the social media website. The attackers
exploit a misconfiguration on the social media infrastructure to
deliberately force their victims to download the image file. This
results in infection of the users’ device as soon as the end-user
clicks on the downloaded file.
In the past three days, the entire security industry is closely
following the massive spread of the Locky ransomware via social
media, particularly in its Facebook-based campaign. Check Point
researchers strongly believe that the new ImageGate technique
reveals how this campaign was made possible, a question which has
been unanswered until now.
The Check Point researchers were able to uncover the attack
vector which affects major websites and social networks worldwide,
including Facebook and LinkedIn. Check Point updated Facebook &
LinkedIn of the attack vector early in September.
Watch the demo: https://youtu.be/sGlrLFo43pY
In the case of the Locky ransomware, once users download and
open the malicious file they receive – all the files on their
personal device are automatically encrypted and they can only gain
access to them after the ransom is paid. The industry estimation is
that the campaign is still raging and accumulates new victims every
day.
“As more people spend time on social networking sites, hackers
have turned their focus to find a way in to these platforms,” said
Oded Vanunu, Head of Check Point’s Products
Vulnerability Research. “Cyber criminals understand these sites are
usually ‘white listed’, and for this reason, they are continually
searching for new techniques to use social media as hosts for their
malicious activities. To protect users against the most advanced
threats, Check Point researchers strive to identify where attackers
will strike next.”
How to stay protectedCheck Point recommends the
following preventive measures:
- If you have clicked on an image and your browser starts
downloading a file, do not open it. Any social media website should
display the picture without downloading any file.
- Don’t open any image file with unusual extension (such as SVG,
JS or HTA).
A detailed and technical disclosure of the attack vector
will be published by Check Point only after the remediation of the
vulnerability in the major affected websites, in order to prevent
attackers from taking advantage of this
information.
Follow Check Point via:
Check Point Blog: http://blog.checkpoint.com/ Twitter:
http://www.twitter.com/checkpointsw Facebook:
http://www.facebook.com/checkpointsoftware YouTube:
http://www.youtube.com/user/CPGlobal LinkedIn:
https://www.linkedin.com/company/check-point-software-technologies
About Check Point Software Technologies
Ltd.
Check Point Software Technologies Ltd. (www.checkpoint.com) is
the largest network cyber security vendor globally, providing
industry-leading solutions and protecting customers from
cyberattacks with an unmatched catch rate of malware and other
types of threats. Check Point offers a complete security
architecture defending enterprises – from networks to mobile
devices – in addition to the most comprehensive and intuitive
security management. Check Point protects over 100,000
organizations of all sizes.
INVESTOR CONTACT:
Kip E. Meintzer
Check Point Software Technologies
+1.650.628.2040
ir@checkpoint.com
MEDIA CONTACT:
Ali Donzanti
Check Point Software Technologies
+1.650.628.2030
press@checkpoint.com
Check Point Software Tec... (NASDAQ:CHKP)
Historical Stock Chart
From Aug 2024 to Sep 2024
Check Point Software Tec... (NASDAQ:CHKP)
Historical Stock Chart
From Sep 2023 to Sep 2024