Most internet users (and antivirus software) know not to download suspicious files. But what about uploading files via a file sharing API? FIU researchers have found that websites that request access to a user’s files for upload may be able to bypass antivirus software to carry out ransomware attacks.
Free photo editors, tax document assistants, and other web apps that access the user’s media can encrypt files and then demand ransom in exchange for safe return of the files. "Antivirus software systems allow these attacks because it is normal for them to give browsers access to files,” says researcher Selcuk Uluagac. “They don’t detect that anything is wrong.”
View Related Expert Profiles: Go to Source
