Beware the rogue .wav file.
Two reports published in the last few months indicate that authors of malware programs are using an interesting technique in their attacks.
Researchers report the bad guys are applying steganography techniques to hide malicious code inside .WAV audio files.
“The novelty in the two recently-published reports is the use of WAV audio files, not seen abused in malware operations until this year, Catalin Cimpanu at ZDNet reports:
The first of these two new malware campaigns abusing WAV files was reported back in June. Symantec security researchers said they spotted a Russian cyber-espionage group known as Waterbug (or Turla) using WAV files to hide and transfer malicious code from their server to already-infected victims.
The second malware campaign was spotted this month by BlackBerry Cylance. In a report published today and shared with ZDNet last week, Cylance said it saw something similar to what Symantec saw a few months before.
But while the Symantec report described a nation-state cyber-espionage operation, Cylance said they saw the WAV steganography technique being abused in a run-of-the-mill crypto-mining malware operation.
Cylance said this particular threat actor was hiding DLLs inside WAV audio files. Malware already-present on the infected host would download and read the WAV file, extract the DLL bit by bit, and then run it, installing a cryptocurrency miner application named XMRrig.
Josh Lemos, VP of Research and Intelligence at BlackBerry Cylance, told ZDNet in an email yesterday that this malware strain using WAV steganography was spotted on both Windows desktop and server instances.
WAV audio files are now being used to hide malicious code
[zdnet via techmeme.com]
“Yet another delay” in the Trump administration’s threatened U.S. ban on China’s Huawei technologies, Colin Lecher reports at The Verge.
This promotional video promotes a car door that slides under the car instead of opening outwards. The terribleness of the idea wedded to the “upper middle-class England in the 1980s” marketing gives it an almost vicious quality, as if intentionally mocking the unmoored techno-meritocratic fantasies of the Thatcher era. The car of Hyacinth Bucket’s dreams. […]
Microsoft is hiring former Obama administration Attorney General Eric Holder to provide legal window dressing for their AnyVision technology, which the company says complies with the ethical principles stipulated during the facial recognition company’s Series A.
Need a boost on that resume? Get a valuable tech education on your own time with these eBook bundles. They contain guides from Packt Publishing that cover everything from game development to machine learning. The Complete Mobile App Developer eBook Bundle It’s a veritable gold rush in the App Store these days. Get in on […]
Vinyl is officially back. People are hearing the proof behind the initial “retro” excitement: that records really do have a richer sound. And if you haven’t switched to old-school records for serious listening, it’s a new golden age. Why? Because quality turntables like the Altec Lansing ALT-500 are finally available to a market other than […]
Between all of our apps, streaming devices, Bluetooth speakers, and energy-sucking decorations, paying for utilities each month can be…brutal. In fact, the average household spends roughly $70 a month on the water bill alone. That number might not seem terribly significant, but when you add it up, that’s $840 a year — a pretty significant […]