CHINA TOPIX

11/21/2024 11:39:17 am

Make CT Your Homepage

New Malware Strain can Hide in Ad Images

Authorities are still conducting an ongoing investigation to determine who hacked the Canadian military recruitment website.

(Photo : Getty Images) Security researchers at ESET have been investigating a new malware strain they simply call Stegano.

Security researchers have recently discovered a new strain of malware that embeds itself into online ads in order to avoid detection. Reports claimed that the malware has been operating in the last two years and targeting banking services and corporate payment services.

Security researchers at ESET have been investigating a new malware strain commonly called Stegano. The name came from steganography, which is the practice of hiding messages in an image to avoid detection.

Like Us on Facebook

This Stegano malware strain spreads by integrating itself in images used in online advertisings. ESET researchers believe that the malware has been unknowingly viewed by millions of online users and may have even penetrated popular websites.

In order to launch the malware, Stegano coders manipulated the alpha channel of a certain ad image. A normal ad image would contain transparency information, but Stegano creators were able to design their images to contain JavaScript code and important variables in order to initiate the hack, according to Forbes.

The difference between an ordinary ad image and a Stegano infected one is incredibly subtle, a factor that makes it hard for experts to tell whether a certain image is infected or not.

On the other hand, a Stegano-laced image cannot actually infect the target computer. Instead, hackers use the Stegano image in order to initiate the actual hack. In order to do so, hackers use one of three Flash exploits, depending on the version of Flash used on the infected computer.

Once the hackers successfully penetrated the target computer, they can launch the payload. Attacks can vary from a backdoor, keylogger, screenshot maker, and even a video maker, according to Engadget. From this point on, hackers can steal almost any file they want.

Security experts said that the best way to counter the Stegano malware is to completely remove Flash in the computer system. If this is not possible, experts suggest to make sure that the Flash system is up to date.

Real Time Analytics