Can they hijack my computer or cell phone from Facebook, Instagram or TikTok?

The ransomware It has become one of the main weapons of cybercriminals, since in many cases they have ended up obtaining great economic results, especially with companies. However, this can also end up coming through social networks, with the aim of “hijacking” our accounts or the information on our devices.

According to a Kaspersky report, there are two classes of ransomware, but only one is the most used. This is because one is easier to counter than the other, so it’s unlikely that anyone will end up paying the “ransom.”

READ ALSO: Malware identified on 34 Microsoft servers

In interview with TradeMartina López, cybersecurity researcher at ESET, details that this type of malware “can be a malicious attack that ends up encrypting all our important files, for instance. Our photographs, our documents, which may not have value for the cybercriminal. Maybe he doesn’t even steal them, he just encrypts them, but for us they can be irreplaceable”.

This does not mean that the cybercriminal is behind at all times, but rather that it is malware programmed to carry out this type of action. Perhaps at some point the criminal will contact us, but it is not necessary for us to already be victims of this cyberattack.

LOOK: Are you afraid of being a victim of a cybercriminal? 3 tips to improve your security on social networks

Can I be a victim of ransomware through social networks?

Yes, but not in the way we would think. It is not that Instagram, for example, has links that lead us to download ransomware on our computer at any time. On the contrary, .

For this, use the phishing (impersonate another person/entity to build trust) to end up convincing the user to enter a link or perform actions. If we follow your instructions, for whatever reason, as well as any other type of malware.

For example, through Discord, user groups have started using malware, including ransomware, through the channels of this application, which also acts as a social network. “Malware writers provide an affordable and easy way to hack someone and brag about it to your peers, and even a way to earn money through hacking. ransomwarecrypto mining and the sale of user data”, Avast pointed out, according to Europa Press.

Likewise, Avast indicated in 2018 that it was happening a wave of attacks on Instagram accounts, being the most popular (more than 100 thousand followers) the main targets. .

Instagram users fell victim to ransomware in 2018. (Pixabay/)

“hackers posing as a potential business association. Victims receive an email containing a proposal to work together and a link to what the sender claims is her own Instagram site. When . Once the victim ‘logs in’, the hackers obtain the username and password”, indicated the antivirus company at the time.

Cybercriminals ended up asking for ransoms of between US$110 (approximately S/.420) to US$122 (approximately S/.467). This payment had to be exclusively by bitcoins, but there was no type of security that the account would be released or that they would not continue asking for money after having made the first payment.

Therefore, it is up to the user to be informed and trying to trick us into stealing or encrypting the information on our device.

LOOK: Be careful when you click! Shortened URLs and the dangers they hide

However, and that users ended up downloading it. In November 2016, the creators of the ImageGate ransomware took advantage of a vulnerability in Facebook and LinkedIn to place their malware inside social networks.

“The virus is included in an image file and uploaded to the social network. The attackers take advantage of a configuration flaw in the social network to force the file to be discarded. After opening it, the malware takes care of encrypting the victim’s files and demands a ransom for them in bitcoins”, indicated EuropaPress at the time.

Cybercriminals are constantly looking for ways to sneak in their ransomware in this type of social networks because they are “reliable” for users. It is for this reason that they even sell their “product” to third parties so that they can test it in different ways.

LOOK: This way they could be stealing your Twitter account

Ransomware as a service

The RaaS (Ransomware as a Service) it’s the way that cybercriminals they sell this type of malware to those who are not experts or developers. “The programmers simply put their malicious software up for sale. For those who create this kind of software, this is a more profitable and less risky strategy”, indicated Kaspersky in his report.

In this way, they not only make money by selling the ransomware for third parties to use, but also do not risk committing the cybercrime, as these simply provide the malware. Thus, the use of ransomware It is no longer limited only to those who have been creating and improving it over the years, but also for anyone who wants to enter this world.

This helps the cybercriminals that use phishing also end up adding ransomware in their way of operating, as was seen in the case of Instagram accounts in 2018. Thanks to the fact that there are different families of ransomwaremore and more cybercriminals are using this method.

Ransomware is also sold as a product or service. (Pixabay/)

What are ransomware families?

According to Martina López, families are groups of ransomware and its derivatives. “Each cybercriminal group, each person, can generate new malicious code. Just as it happened, for example, with COVID-19, each variant was characterized by having something special. Greater resistance to vaccines, more mortality, etc. Well, it’s the same with the ransomware family.”, assured the researcher.

These characteristics range from the speed of the malware to the way of collecting the “ransom” that they have established. “There are variants that are much faster, that is, the moment of encryption is much more instantaneous; there are families where perhaps what they are looking for are particular files to encrypt, such as a database aimed at corporations; there are files where payment is requested in dollars; there are files where they request payment in cryptocurrencies. There are a lot of variant families of ransomware. Some better known, others not.”, he added.

Due to the rise of this cyberattack and the large amounts that can be demanded as “ransom”, companies are the ones that end up being the main targets of cybercriminals. “Perhaps the most renowned in Latin America, today, are those that, in the first place, target organizations and corporations, as is the case of with you [Perú ha sufrido este tipo de ataque]in case of Sodinokibi [utilizado en el caso Kaseya]. Families who had ransomware gangs behind. Not so much talking about a threat in general, where one can download it from any site, but about threats that are directed more at corporations and governments, than at users in generalLopez concluded.

While ransomware is more focused on “hijacking” company information, users can also be targeted. Due to the diversity of this malware and the results it is getting, cybercriminals are also using it to victimize users on social networks. Let us remember that, like everything, the use of ransomware will become easier and more accessible, so more cybercriminals will end up using it. Especially in networks, since they have a larger universe and, therefore, more likely to obtain a good result if they continue to rely on phishing.

Source: Elcomercio