Home » News » PNG images contains more malware hidden inside, so be cautious

PNG images contains more malware hidden inside, so be cautious

(Image Credit Google)
Researchers discovered proof of new threat actors delivering malicious payloads via PNG files. ESET and Avast have both confirmed that a threat actor known as Worok has been using this method as of early September 2022. Worok appears to have been active in targeting high-profile victims, like government organisations, in the Middle East, Southeast Asia, and South Africa. Attack in multiple stages The attack is a multi-stage process in which the threat actors use DLL sideloading to perform the CLRLoader malware, which then loads the PNGLoader DLL, which is capable of reading obfuscated code hidden in PNG files. PNG Image DropBoxControl is a C# infostealer that takes advantage of Dropbox for communication and data theft. Worok is thought to be the work of a cyberespionage group that works silently, moves laterally across target networks, and steals sensitive data. Worok appears to use its own, proprietary tools, as no one else has been observed using them. Worok employs "least significant bit (LSB) encoding," which embeds tiny pieces of malicious code in the pixels' least important bits. Check Point researchers recently discovered a Trojan that seems to use an image to deliver apicolor Trojan malware.

By Raulf Hernes

If you ask me raulf means ALL ABOUT TECH!!

RELATED NEWS

The IT community is buzzing with excitement as we ...

news-extra-space

Are you having trouble organizing and designing yo...

news-extra-space

Prepare to put an end to unauthorized screenshots!...

news-extra-space

Google Chrome users, prepare for an interesting up...

news-extra-space

Is this the future of video, or a dystopian dream?...

news-extra-space

Windows PCs with Arm chips are gradually gaining t...

news-extra-space
2
3
4
5
6
7
8
9
10