Researchers discover way to spread malware through pictures on Facebook
Researchers at security company Check Point have found a method that allows attackers to install malware on computers via a picture on Facebook. The attack works via an hta file hidden in the image.
It is unknown exactly how the exploit works, because Check Point has not yet released the details of ‘ImageGate’. The exploit does require a few clicks from potential victims. When Facebook users click on an infected image, the browser notifies you that the site wants to download an hta file. That is an HTML application in a format patented by Microsoft.
If users download the hta file and click it open, attackers can install malware hidden in it. Check Point used ransomware as an example. Not only Facebook, but also LinkedIn seems susceptible to the attack.
It doesn’t look like this exploit is being exploited in the wild yet. Check Point will release all details once the vulnerable sites have fixed the vulnerability. When that will be is unknown at this time.