Hackers Use Images to Hide Malware and Steal Sensitive Data

Hackers are hiding malicious software in images to deliver dangerous malware like VIP Keylogger and 0bj3ctivity Stealer. These tools are used to steal sensitive data, such as passwords, keystrokes, and screenshots, in separate phishing campaigns.

  • Hackers use phishing emails disguised as invoices or purchase orders to trick users into downloading malicious attachments.
  • These attachments exploit a known vulnerability (CVE-2017-11882) in Microsoft Excel, leading to the download of a malicious image.
  • The image contains Base64-encoded malware, which is decoded and executed on the victim's system.
  • VIP Keylogger Campaign: This malware steals keystrokes, screenshots, clipboard data, and credentials from infected devices.
  • 0bj3ctivity Stealer Campaign: Targets similar data but uses JavaScript files in email archives to launch attacks.
  • Use of Generative AI (GenAI): Attackers use AI to create convincing phishing emails and scripts, making their attacks harder to detect and easier to scale.
  • Malware Kits for Novices: Easy-to-use malware kits make it possible for hackers with limited skills to launch sophisticated attacks.

This method of hiding malware in images shows the growing sophistication of cybercriminals. Always be cautious of unexpected emails, avoid downloading unknown attachments, and ensure your systems are updated with the latest security patches. Net Protector Cyber Security solutions can provide strong protection against these advanced threats.