Malicious Memes Trigger Malware Functions

Cybercriminals are using steganography to deliver commands to malware via Twitter, according to researchers at Trend Micro. Steganography is the art of hiding messages inside images.

In this case the images are ones that circulate as popular Internet memes. The memes install code that acts as a command-and-control service for malware which is already present on the targeted machine.

The researchers don’t know how the malware itself is delivered, but they were able to observe the way it reaches out to a Twitter account and downloads the malicious images. The two memes examined by Trend Micro contain a “/print” command, which allows the malware to take screenshots of the machine and send them back to the command-and-control server. The malware supports four other commands, which enable it to retrieve usernames, filenames, clipboard content, and a list of running processes.
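A defender can triage downloaded images for this kind of embedded command. The sketch below is an added example, not code from Trend Micro or from the malware: it walks a JPEG's segments to find the true end of the image, then reports slash-prefixed tokens in any bytes that follow. That the command sits after the end-of-image marker is an assumption made for illustration (the article does not say how the command is embedded), and all names and sample bytes are constructed.

```python
import re

# Markers with no length field: TEM (0x01), RST0-RST7 (0xD0-0xD7), SOI (0xD8).
STANDALONE = {0x01, 0xD8} | set(range(0xD0, 0xD8))
# Slash-prefixed lowercase token, the command style the article names ("/print").
COMMAND_RE = re.compile(rb"/[a-z]{3,16}\b")

def jpeg_end_offset(data: bytes) -> int:
    """Offset just past the real EOI marker, found by walking segments so an
    FFD9 inside a metadata payload (e.g. an EXIF thumbnail) is not mistaken for it."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI)")
    i = 2
    while i + 1 < len(data):
        if data[i] != 0xFF:
            raise ValueError(f"expected a marker at offset {i}")
        marker = data[i + 1]
        if marker == 0xFF:            # fill byte preceding a marker
            i += 1
        elif marker == 0xD9:          # EOI: the image ends here
            return i + 2
        elif marker in STANDALONE:
            i += 2
        else:
            i += 2 + int.from_bytes(data[i + 2:i + 4], "big")  # skip segment
            if marker == 0xDA:        # SOS: entropy-coded data follows
                while i + 1 < len(data) and not (
                        data[i] == 0xFF and data[i + 1] != 0x00
                        and not 0xD0 <= data[i + 1] <= 0xD7):
                    i += 1
    raise ValueError("truncated JPEG (no EOI found)")

def trailing_commands(data: bytes) -> list[str]:
    """Command-like tokens in whatever bytes follow the end of the image."""
    tail = data[jpeg_end_offset(data):]
    return [m.group().decode() for m in COMMAND_RE.finditer(tail)]

def _segment(marker: int, payload: bytes) -> bytes:
    return bytes([0xFF, marker]) + (len(payload) + 2).to_bytes(2, "big") + payload

# Constructed samples: valid marker structure only, not decodable pictures.
CLEAN = (b"\xff\xd8" + _segment(0xE1, b"Exif\x00\x00thumb\xff\xd9/fake")
         + _segment(0xDA, b"\x01\x01\x00\x00\x3f\x00")
         + b"\x12\xff\x00\x34\xff\xd0\x56" + b"\xff\xd9")
TAINTED = CLEAN + b"\x00/print"      # constructed: command appended after EOI

if __name__ == "__main__":
    for name, blob in (("clean", CLEAN), ("tainted", TAINTED)):
        print(name, len(blob) - jpeg_end_offset(blob), trailing_commands(blob))
```

Any non-empty trailing region is worth a second look on its own; the token match only ranks which files to examine first, and it will not see data hidden inside pixel values or metadata fields.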

While steganography as a means of evading security is nothing new, this threat stands out because the commands come from a legitimate social networking platform and can’t be blocked unless the Twitter account in question is shut down. The researchers note that Twitter has already disabled this account, and that the malware itself was not downloaded from Twitter.

This creative way to bypass detection mechanisms shows that criminals are trying to stay ahead of the security industry’s attempts to shut them out. Technical safeguards are essential for detecting known threats and predicting malicious behavior, but it’s best to avoid interacting with malware in the first place. Most malware finds its way onto a machine after a user is duped by an attacker. New-school security awareness training can give your users the skills to identify these social engineering tactics.

Trend Micro has the story: https://blog.trendmicro.com/trendlabs-security-intelligence/cybercriminals-use-malicious-memes-that-communicate-with-malware/

