
Hidden Malware within Images Targets Mac Users

Researchers have uncovered a recent malicious advertisement campaign that is notable for its size, scope, and resourcefulness: a two-day blitz that used highly camouflaged JavaScript stashed in images to install a trojan on visitors' Mac computers. The ads were served by a group that security firm Confiant has dubbed VeryMal, a name that comes from veryield-malyst.com, one of the ad-serving domains the group uses. A run that was active from January 11 to January 13 on about 25 of the top 100 publisher sites triggered the image as many as 5 million times a day. In an attempt to bypass the increasingly effective measures available to detect malicious ads, the images use steganography, the ancient practice of hiding code, messages, or other data inside images or text. The end goal of the attack is to deliver this malicious payload to visitors whose computers run macOS.


How does this work exactly? A user viewing the image on their Mac gets redirected to another website (hidden code in the image creates a link), where a pop-up ad claims that the user's Flash Player is out of date. If the user takes the bait and clicks on the ad to download the supposed update, a trojan is downloaded instead. This activity demonstrates how malvertisers continue to improve their techniques for slipping malicious content past advertisers, who actually pay to detect bad (infected) ads to protect their users. People who want to protect themselves should stay vigilant for suspicious advertisements and keep all of their software up to date.

https://arstechnica.com/information-technology/2019/01/malvertisers-target-mac-uses-with-stenographic-code-stashed-in-images/
