Image appended with the list of targeted institutions
Trend Micro’s security analysts have recently discovered that images of sunsets (and some cats) being shared on the Internet are carrying malware that can hack into bank accounts and begin drawing funds.
The ZBOT malware, detected as TSPY_ZBOT.TFZAH, downloads a JPEG file into the affected system without the user’s knowledge. The user does not even see this particular image, but if someone did happen to see it it would look like an ordinary photo. We encountered an image of a sunset, but other security researchers reported encountering a cat image. (This particular photo appears to have been lifted from popular photo-sharing sites, as it appears in these sites if you search for sunset.)
Using steganography, a list of banks and financial institutions that will be monitored is hidden inside the image. The list includes institutions from across the globe, particularly in Europe and the Middle East. Once the user visits any of the listed sites, the malware will proceed to steal information such as user credentials.
Christopher Budd, Trend Micro’s Global Threat Communications Manager, says, "If you receive an email with a colorful rainbow or cute kitty, don’t open it unless it is from a known party."
Sunsets and Cats Can Be Hazardous to Your Online Bank Account
Silverpush, a startup that’s just received $1.25M in venture capital, uses ultrasonic chirps that are emitted by apps, websites, and TV commercials to combine the identities associated with different devices (tablets, phones, computers, etc), so that your activity on all of them can be aggregated and sold to marketers.
Pagefair is an ad-blocking circumvention tool that publishers can use to track readers who’ve taken technological countermeasures to protect their privacy. The company has sold its service to many publishers — including the Economist — by deploying moral arguments about the evils of ad-blocking.
Oct 31 2005: Security researcher Mark Russinovich blows the whistle on Sony-BMG, whose latest “audio CDs” were actually multi-session data-discs, deliberately designed to covertly infect Windows computers when inserted into their optical drives.
Today only in the Boing Boing Store we are offering an extra 15% off of the below VPN deals just use coupon code: VPN15 at checkout. proXPN VPN: Premium Lifetime Subscription Surf the web with ultimate peace of mind – both at home and on the road – over proXPN’s fully-encrypted, lightning-fast servers. Your lifetime premium subscription […]
These knitted gloves are here to save the day (and your hands) with an ultra-comfy, double-layer that will allow you to stay warm and use your phone. Now you can take photos on the fly, text, Tinder, and more without letting freezing temperatures get in your way. Plus they work with all touchscreens, so no […]
Store more on your Mac with this microSD memory card adapter.