Researchers have discovered an attack that uses Facebook Messenger to spread Locky, a family of malware that has quickly become a favorite among criminals.
The Ransomware is delivered via a downloader, which is able to bypass whitelisting on Facebook by pretending to be an image file.
The attack was discovered on Sunday by malware researcher Bart Blaze, and confirmed later in the day by Peter Kruse, another researcher that specializes in internet-based crime and malware.
GET YOUR DAILY SECURITY NEWS: Sign up for CSO's security newsletters
The attack leverages a downloader called Nemucod, which is delivered via Facebook Messenger as a .svg file.