Stegnography we all know is the technique of hiding messages inside a pic and exactly on the same lines a new malicious technique by the name of STEGOSPLOIT has arrived that allows malicious code and java script execution the moment an image is opened by the user.This image can be of anything that can interest a victim viz Political figure,Actors,Tempting models,Engineering drawings or anything that is a image.The technique has been discovered by security researcher Saumil Shah from India.The technique was demonstrated at the Amsterdam hacking conference Hack In The Box with a talk titled, "Stegosploit: Hacking With Pictures".The video of demonstration is shared below...just watch it...by the looks if it goes...looks simple.
The technology opens the door for attacks executed as simply as pointing
users to sites containing a booby-trapped image or delivering the image
via email. By virtue of simply viewing the image, the exploit code is
triggered and can deliver malware on the victim's computer.The second video below is in continuation of the above video :
The way out for a typical user is to avoid opening any tempting forwarded image from any friend or acquaint,default image downloading disabled for mobiles and PC interface in email/Whatsapp etc application settings.
technique
discovered by security researcher Saumil Shah from India. - See more
at:
http://thehackernews.com/2015/06/Stegosploit-malware.html#sthash.wBuIwSGj.dpuf
0 comments:
Post a Comment