47.8 F
Washington D.C.
Tuesday, December 5, 2023

Attackers Concealing Malware in Images Uploaded to Google Servers

Cybercriminals are putting a new spin on the old trick of hiding malware code in Exchangeable Image File Format (EXIF) data. Recently, attackers were observed using this technique in image files, rather than text files, and uploading them to googleusercontent.com servers.

In a July 18 company blog post, Sucuri senior malware researcher Denis Sinegubko detailed one such case in which EXIF code from a Pacman .jpg image was used to mask a malicious script that steals PayPal security tokens, uploads web shells and arbitrary files, inserts defacement pages and communicates addresses of exploited websites back to the attacker.

This image was uploaded – likely via a Blogger or Google+ account – onto Google servers, so that it would be readily available for downloading from compromised websites, Sinegubko states.

Read more from SC Media

Homeland Security Today
Homeland Security Todayhttp://www.hstoday.us
The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

Related Articles

- Advertisement -

Latest Articles

Verified by MonsterInsights