Beware the rogue .wav file.
Two reports published in the last few months indicate that authors of malware programs are using an interesting technique in their attacks.
Researchers report the bad guys are applying steganography techniques to hide malicious code inside .WAV audio files.
“The novelty in the two recently-published reports is the use of WAV audio files, not seen abused in malware operations until this year,” Catalin Cimpanu at ZDNet reports:
The first of these two new malware campaigns abusing WAV files was reported back in June. Symantec security researchers said they spotted a Russian cyber-espionage group known as Waterbug (or Turla) using WAV files to hide and transfer malicious code from their server to already-infected victims.
The second malware campaign was spotted this month by BlackBerry Cylance. In a report published today and shared with ZDNet last week, Cylance said it saw something similar to what Symantec saw a few months before.
But while the Symantec report described a nation-state cyber-espionage operation, Cylance said they saw the WAV steganography technique being abused in a run-of-the-mill crypto-mining malware operation.
Cylance said this particular threat actor was hiding DLLs inside WAV audio files. Malware already present on the infected host would download and read the WAV file, extract the DLL bit by bit, and then run it, installing a cryptocurrency miner application named XMRig.
Josh Lemos, VP of Research and Intelligence at BlackBerry Cylance, told ZDNet in an email yesterday that this malware strain using WAV steganography was spotted on both Windows desktop and server instances.
WAV audio files are now being used to hide malicious code
[zdnet via techmeme.com]
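For defenders, here is a check for the "DLL extracted bit by bit" pattern described above. It is an added example, not code from the ZDNet, Symantec or Cylance reports. It assumes (the article does not say) 16-bit PCM audio with one hidden bit in each sample's least significant bit, packed MSB-first; all function names and the header stub are constructed for illustration.

```python
import io
import struct
import wave

def lsb_bytes(wav_bytes, limit=4096):
    """Rebuild up to `limit` bytes from the LSB of each 16-bit sample (MSB-first)."""
    with wave.open(io.BytesIO(wav_bytes), "rb") as w:
        if w.getsampwidth() != 2:
            raise ValueError("this sketch only handles 16-bit PCM")
        frames = w.readframes(min(w.getnframes(), limit * 8))
    samples = struct.unpack("<%dh" % (len(frames) // 2), frames)
    out = bytearray()
    for i in range(0, len(samples) - 7, 8):
        byte = 0
        for s in samples[i:i + 8]:
            byte = (byte << 1) | (s & 1)
        out.append(byte)
    return bytes(out[:limit])

def looks_like_pe(buf):
    """True if buf starts with 'MZ' and its e_lfanew field points at a PE signature."""
    if len(buf) < 0x40 or buf[:2] != b"MZ":
        return False
    off = struct.unpack_from("<I", buf, 0x3C)[0]
    return off + 4 <= len(buf) and buf[off:off + 4] == b"PE\0\0"

def scan_wav(wav_bytes):
    """Flag a WAV whose sample LSBs decode to a Windows PE (EXE/DLL) header."""
    return looks_like_pe(lsb_bytes(wav_bytes))

# Constructed, non-executable header stub: 'MZ', e_lfanew = 0x40, then 'PE\0\0'.
STUB_PE = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40) + b"PE\0\0"

def constructed_wav(payload=None, nsamples=2048):
    """Constructed test fixture: mono 16-bit WAV, payload bits (if any) in sample LSBs."""
    samples = [(i * 37) % 2000 - 1000 for i in range(nsamples)]
    bits = [(b >> (7 - k)) & 1 for b in (payload or b"") for k in range(8)]
    for i, bit in enumerate(bits):
        samples[i] = (samples[i] & ~1) | bit
    buf = io.BytesIO()
    with wave.open(buf, "wb") as w:
        w.setnchannels(1)
        w.setsampwidth(2)
        w.setframerate(8000)
        w.writeframes(struct.pack("<%dh" % nsamples, *samples))
    return buf.getvalue()

if __name__ == "__main__":
    print("clean:", scan_wav(constructed_wav()))
    print("with header stub:", scan_wav(constructed_wav(STUB_PE)))
```

A hit means the audio deserves a closer look; a miss does not clear the file, since other bit layouts or an encoded payload would not match this one pattern.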