
Hacker uses internet meme to send hidden commands to malware




A newly discovered piece of malware has a unique way of communicating with its creator: through an internet meme published on Twitter.

The mysterious hacker has used the "What if I told you" meme to tell a Windows-based piece of malware to take screenshots of infected PCs, according to the security company Trend Micro.

Although the internet meme looks like a normal digital image, a simple command is hidden in the file's metadata, says Trend Micro VP Mark Nunnikhoven. The malware, for its part, has been designed to look up the hacker's Twitter account and scan image files for secret commands.

"The messages used for this malware are very small (usually one word) which means they can be hidden between metadata and actual pixel layout without changing the image itself," said Nunnikhoven in an email.

The hacker appears to have posted only two malicious memes, on October 25 and 26, with the "/ print" command, which orders infected Windows PCs to take a screenshot. Other hidden commands that the hacker could have sent through memes include "/ klipp" to capture clipboard content and "/ processos" to retrieve a list of running processes on the PC.

The practice of hiding messages in non-text files such as images or video is called steganography, and it has become an effective way for hackers to sneak malicious code onto people's computers or send hidden commands over the open web.

"Most network surveillance programs will not notice anything about access to Twitter.com," Nunnikhoven added. "A site based on a timeline like Twitter also allows the attacker to fix commands for malware. This can be an effective way to build a solid command and control channel."

The good news is that Twitter has disabled the hacker's account on the platform. But it's not clear how the mysterious attacker circulated the malware, a trojan .exe file.

In response to Trend Micro's findings, Twitter told PCMag: "Keeping people safe on Twitter is our top priority. Twitter is used for malicious purposes, we take steps and remove it. Twitter does not matter in the distribution of malware like is involved in this campaign."

However, the company did not address questions about what Twitter could do to stop similar meme-based malware schemes in the future. In the meantime, others have shown that you can embed a lot of data, including ZIP archives, inside a photo on Twitter, which raises the possibility that hackers could use the same tactics again.
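
As an added example (not from the original article or from Trend Micro), the following Python code shows a defender-side check for the two hiding places mentioned above: a short command in a JPEG's metadata segments, and extra data such as a ZIP archive appended after the end of the image. The function names, the command pattern and the sample bytes are constructed assumptions.

```python
import re
import struct

# A slash followed by one short word, delimited by whitespace/NUL or buffer ends:
# the command shape the article reports. The exact pattern is an assumption.
COMMAND_RE = re.compile(rb"(?<![^\s\x00])/ ?[a-z]{3,16}(?![^\s\x00])")

def _commands(blob: bytes) -> list:
    return [m.group().decode("ascii") for m in COMMAND_RE.finditer(blob)]

def scan_jpeg(data: bytes) -> dict:
    """Report command-like text in metadata segments and any bytes after EOI."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    pos = 2
    metadata_hits = []
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        marker = data[pos + 1]
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        if length < 2 or pos + 2 + length > len(data):
            raise ValueError(f"bad segment length at offset {pos}")
        payload = data[pos + 4:pos + 2 + length]
        pos += 2 + length
        # APPn (0xE0-0xEF) and COM (0xFE) hold metadata rather than pixel data.
        if 0xE0 <= marker <= 0xEF or marker == 0xFE:
            metadata_hits += [(f"0x{marker:02X}", c) for c in _commands(payload)]
        if marker == 0xDA:
            # Compressed pixel data follows the SOS header. Simplification: treat
            # the first FFD9 after it as EOI (holds for single-scan files).
            eoi = data.find(b"\xff\xd9", pos)
            if eoi == -1:
                raise ValueError("no EOI marker after scan data")
            tail = data[eoi + 2:]
            return {"metadata_hits": metadata_hits,
                    "trailing_bytes": len(tail),
                    "trailing_hits": _commands(tail)}
    raise ValueError("no scan data found")

def _segment(marker: int, payload: bytes) -> bytes:
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload

def build_sample(comment: bytes, tail: bytes = b"") -> bytes:
    """Constructed test input: valid JPEG framing only, not a real picture."""
    return (b"\xff\xd8"
            + _segment(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
            + _segment(0xFE, comment)
            + _segment(0xDA, b"\x01\x01\x00\x00\x3f\x00")
            + b"\x12\x34\xff\x00\x56\xff\xd9" + tail)
```

A non-zero `trailing_bytes` value on its own is worth a look, since a normal JPEG ends at the EOI marker; the pattern match only narrows down which files carry a one-word command.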


This article was originally published by PCMag