Malicious Code Hidden in Images: Stay Secure with a VPN

2017-04-05 09_15_16-malware – Google Search

New malware is being developed every day, and cyber criminals are becoming bolder when it comes to attacking their targets, whether it’s a high-profile company, a regular Facebook-only internet user or anything in between.

What makes these cyber-attacks worse, is the way that hackers are always coming up with new ideas and ways to spread malware infections to their unsuspecting victims. Literally anything can be infected with malware, and to prove that, we have a new discovery to report, which is an exploit kit that targets online images, and its name? Stegano.

What is Stegano?

Now, you might be wondering, what’s so special about this Stegano, and is it really worse than most malware that we’ve seen so far?

Well, the answer is yes. Stegano is a new type of image exploit kit, and it targets images on trusted and legitimate sites. It was discovered in November of 2016 by researchers from ESET, and they’ve also discovered that it’s being used to spread malware around, mostly through all those ad banners that every big website seems to have pinned on them.

So far, the biggest chance of getting a malware through an image was to receive one in your email and to open it, and most of us have already figured this out. Now, with Stegano, there’s no telling what can be used as a malverized weapon against you and your devices.

How Does it Work?

To make matters worse, in order to get infected, you don’t even need to do anything anymore. All that needs to happen is for cyber criminals to use this exploit kit and infect image’s individual pixels with the malicious code. After that, when you enter a website and your device scans the image, the code slips through Flash player vulnerabilities if it manages to find them. In that case, the infected image will be sent from the remote server. If there are no vulnerabilities to be found, the regular, “clean” version of the image will be shown and it’ll be like the scan had never even happened.

In case the flaw was found, hackers will be able to download malicious payloads on your device. ESET researchers say that it is almost impossible to tell the difference between an infected and clean image unless you know what you’re looking for. That’s because the difference is minimal, and it’s extremely hard for an untrained eye to discover it.

It’s said that, for now, Stegano kit can only work with images displayed through Internet Explorer (IE), and since most of the Internet users today prefer Google Chrome, they are all supposed to be safe. Still, there are those that still use IE and more than you might think. For example, the data from 2015 says that more than 15% of Internet users have used IE as their browser in December 2015.

And that percentage is more than the combined usage of Opera and Safari, as well as that of Mozilla Firefox’s share of users.

How to Protect Yourself from Malware in Images

Even though the threat of running into an infected image is still not a something that Chrome and Firefox users need to worry about, it’s still better to be prepared than to be caught off guard when

Stegano decides to expand its operations. Experts suggest to always keep your software updated and caught up with the newest versions, but there’s also another way, also considered to be an easier way to protect yourself. And that is to ensure your browsing sessions through the use of VPNs.

VPNs can be installed on pretty much any of today’s popular devices, including Windows, Android, iOS and OS X. When asked about their choice, the more experienced VPN users suggested the use of

VPNs like TorGuard and GhostVPN. All of the mentioned VPNs can protect you and your devices from malware attacks, and it does this by telling you that the website you’re on is infected. They do this by checking with their database of infected websites.

In addition to this, VPNs are also protecting your privacy, encrypting your data flow and swapping your IP address in order to give you access to any and all content that might be blocked in your country.

This is the only safe way to browse the internet, really, and the sooner you add this layer of protection to your devices, the sooner you’ll be able to relax and fully enjoy your browsing sessions.

Passion for Cyber Security and Technology.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

*

Lost Password

Sign Up