Image appended with the list of targeted institutions
Trend Micro’s security analysts have recently discovered that images of sunsets (and some cats) being shared on the Internet are carrying malware that can hack into bank accounts and begin drawing funds.
The ZBOT malware, detected as TSPY_ZBOT.TFZAH, downloads a JPEG file into the affected system without the user’s knowledge. The user does not even see this particular image, but if someone did happen to see it it would look like an ordinary photo. We encountered an image of a sunset, but other security researchers reported encountering a cat image. (This particular photo appears to have been lifted from popular photo-sharing sites, as it appears in these sites if you search for sunset.)
Using steganography, a list of banks and financial institutions that will be monitored is hidden inside the image. The list includes institutions from across the globe, particularly in Europe and the Middle East. Once the user visits any of the listed sites, the malware will proceed to steal information such as user credentials.
Christopher Budd, Trend Micro’s Global Threat Communications Manager, says, "If you receive an email with a colorful rainbow or cute kitty, don’t open it unless it is from a known party."
Sunsets and Cats Can Be Hazardous to Your Online Bank Account
The NSO Group is an Israeli firm that describes itself as a “cyber warfare” company, dealing exclusively to governments, including the famously corrupt and dysfunctional government of Mexico. The NSO Group is presently for sale, with a $1 billion pricetag.
Linux.MulDrop.14 is a Linux worm that seeks out networked Raspberry Pi systems with default root passwords; after taking them over and ZMap and sshpass, it begins mining an unspecified cryptocurrency, creating riches for the malware’s author and handing you the power-bill.
A key weakness in malicious software is the “Command and Control” (C&C) system: a central server that the malware-infected systems contact to receive updates and instructions, and to send stolen data. Anti-malware researchers like to reverse engineer malicious code, discover the C&C server’s address, and then shut it down or blacklist it from corporate routers.
As the old saying goes, “You should sit in meditation for 30 minutes every day. Unless you are too busy, in which case you should meditate for an hour.” Since most of us have an endless list of things to do and people to see, carving out quiet time can feel impossible, especially when most […]
The Bragi Dash Truly Wireless Smart Earphones are far more than your run of the mill Bluetooth earbuds. While the earpiece design makes these earbuds ideal for exercise and activity, and passive noise cancelling is conducive to a more serene listening experience, these buds go well beyond just playing music.First of all, they can actually […]