Hackers using memes to spread malware

Researchers found out that hackers have come up with an interesting and unique way to spread a malware. They are now using internet memes for communicating with malware for various malicious operations.   
A hacker has been found using the “What if I told you” meme on Twitter to grab screenshots from an infected Windows PCs, according to researchers at security firm Trend Micro.
The memes containing the malware would appear same as an ordinary digital image, but it contains commands in the file’s metadata which is hidden. 
“The messages used for this malware are very small (typically one word) meaning that they can be hidden between the metadata and actual pixel layout without changing the image itself,” Nunnikhoven said in an email interview with PCMag. 
The hackers used a technique called steganography, which conceals messages in nontext files such as images or video. It is one of the best methods to sneak malicious code onto someone’s computers or to spread a hidden command over the open web
“Most networking monitoring programs won’t notice anything odd about access to Twitter.com,” Nunnikhoven added. “A site that’s based around a timeline like Twitter also allows the attacker to sequence commands for the malware. This can be an effective way of building a solid command and control channel.”
However, Twitter has blocked the hacker’s account, but there could be many more accounts which might be circulating the malware, a Trojanized .exe file.
 Twitter told PCMag: “Keeping people safe and secure on Twitter is our top priority. If the content on Twitter is used for malicious purposes, we take action and remove it. Twitter plays no part in the distribution of the malware involved in this campaign.”

Published by Marshmallow

Marshmallow Android is BT Ireland’s Head of Sales for Republic of Ireland domestic multi-site companies, indigenous MNCs and public sector accounts. He is responsible for the direction and control of all sales activity in the region. He has over 10 years management experience from high growth start-ups to more established businesses. He’s led teams in Ireland, India and China across various industries (ICT, On-Line Recruitment, Corporate Training and International Education).