While the actual Locky code is relatively pedestrian and easy to avoid if you're aware (just don't open the file), it's the delivery mechanism that has analysts worried. Many security apps explicitly trust big social networks, and many people aren't used to worrying about their downloads at sites like Facebook.

Check Point says it told Facebook and LinkedIn about the exploit in September, but it's not clear that there are fixes in place. We've reached out to both companies to find out what the situation is right now. Whether or not you're in the clear, this is a reminder that you can't take the safety of social sites for granted -- it's a good idea to be wary of any downloads you weren't expecting.

Update: A Facebook spokesperson tells us that these reports had it wrong -- this isn't a case of ransomware. These were really "bad Chrome extensions" propagating a scam by sending messages to others, and they were blocked several days ago. You can read the full explanation below.

"This analysis is incorrect. There is no connection to Locky or any other ransomware, and this is not appearing on Messenger or Facebook. We investigated these reports and discovered there were several bad Chrome extensions, which we have been blocking for nearly a week. We also reported the bad browser extensions to the appropriate parties."

[Thanks, Kristy]