A recently discovered piece of malware has a unique way of communicating with its creator—through an internet meme posted on Twitter.
The mysterious hacker has been using the "What if I told you" meme to secretly tell a Windows-based strain of malware when to grab screenshots from infected PCs, according to security firm Trend Micro.
Although the internet meme looks like an ordinary digital image, a simple command is hidden in the file's metadata, Trend Micro VP Mark Nunnikhoven says. The malware, on the other hand, has been designed to look up the hacker's Twitter account and scan image files for the secret commands.
"The messages used for this malware are very small (typically one word) meaning that they can be hidden between the metadata and actual pixel layout without changing the image itself," Nunnikhoven said in an email.
The hacker appears to have only posted two malicious memes — on Oct. 25 and 26 — with the command "/print," which orders infected Windows PCs to take a screenshot. Other hidden commands the hacker could've sent through the memes include "/clip" to capture content copied to the clipboard, and "/processos" to retrieve a list of processes running on the PC.
The practice of concealing messages in non-text files such as images or video is called steganography, and it's become an effective way for hackers to sneak malicious code onto people's computers or send hidden commands over the open web.
"Most networking monitoring programs won't notice anything odd about access to Twitter.com," Nunnikhoven added. "A site that's based around a timeline like Twitter also allows the attacker to sequence commands for the malware. This can be an effective way of building a solid command and control channel."
The good news is that Twitter has disabled the hacker's account on its platform. But it isn't clear how the mysterious attacker was circulating the malware, a Trojanized .exe file.
In response to Trend Micro's findings, Twitter told PCMag: "Keeping people safe and secure on Twitter is our top priority. If content on Twitter is used for malicious purposes, we take action and remove it. Twitter plays no part in the distribution of the malware involved in this campaign."
However, the company didn't address questions over what Twitter can do to stop similar meme-based malware schemes in the future. Meanwhile, others have shown you can cram a whole lot of data, including ZIP archives, inside an image on Twitter, raising the possibility that hackers could employ the same tactic again.
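For defenders, the two hiding places described above (a short slash-command in an image's metadata, and extra data such as a ZIP archive packed into the file) can be checked by walking the JPEG's segment structure. The following is an added example, not code from Trend Micro or from the malware; the regular expression, the function names and the sample bytes are assumptions constructed for illustration, and it assumes the image is a JPEG.

```python
import re
import struct

# Heuristic for the short slash-commands the article describes ("/print", "/clip").
CMD_RE = re.compile(rb"(?<![\w/.:])/[a-z]{3,12}(?![\w/.])")

def seg(marker: int, payload: bytes) -> bytes:
    """Build one JPEG segment: FF, marker, 2-byte big-endian length, payload."""
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload

def scan_jpeg(data: bytes) -> dict:
    """Report command-like text in metadata segments and any bytes after EOI."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("missing SOI marker, not a JPEG")
    out = {"metadata_hits": [], "trailing_len": 0,
           "trailing_zip": False, "trailing_hits": []}
    pos = 2
    while True:
        if pos + 4 > len(data) or data[pos] != 0xFF:
            raise ValueError(f"malformed segment at offset {pos}")
        marker = data[pos + 1]
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        payload = data[pos + 4:pos + 2 + length]
        if marker == 0xFE or 0xE0 <= marker <= 0xEF:  # COM and APPn carry metadata
            out["metadata_hits"] += [(f"0x{marker:02X}", m.group().decode())
                                     for m in CMD_RE.finditer(payload)]
        pos += 2 + length
        if marker == 0xDA:  # SOS: compressed image data starts after this header
            break
    # Simplification: treat the first FF D9 after the first scan header as EOI.
    eoi = data.find(b"\xff\xd9", pos)
    if eoi == -1:
        raise ValueError("no EOI marker found")
    tail = data[eoi + 2:]  # a well-formed JPEG has nothing after EOI
    out["trailing_len"] = len(tail)
    out["trailing_zip"] = b"PK\x03\x04" in tail  # ZIP local file header magic
    out["trailing_hits"] = [m.group().decode() for m in CMD_RE.finditer(tail)]
    return out

# Constructed sample bytes (not from the campaign): JPEG-shaped, not viewable images.
HEAD = b"\xff\xd8" + seg(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
BODY = seg(0xDA, b"\x01\x01\x00\x00\x3f\x00") + b"\x12\x34\x56" + b"\xff\xd9"
CLEAN = HEAD + BODY
TAGGED = HEAD + seg(0xFE, b"/print") + BODY + b"PK\x03\x04constructed"

if __name__ == "__main__":
    for name, blob in (("clean", CLEAN), ("tagged", TAGGED)):
        print(name, scan_jpeg(blob))
```

The command pattern is a heuristic and will need tuning against benign metadata; bytes after the end-of-image marker are the more reliable signal, since ordinary encoders write nothing there.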