Steganography, the practice of concealing a payload inside an image so that it passes through security solutions unnoticed, has long been used by cybercriminals to spread malware and carry out other malicious operations. We recently discovered malicious actors applying the technique to memes.

The malware authors posted two tweets featuring malicious memes on October 25 and 26, via a Twitter account created in 2017. Each meme contains an embedded command that the malware parses after it has downloaded the image from the malicious Twitter account onto the victim's machine; the account therefore acts as a C&C channel for malware that is already in place. It should be noted that the malware itself was not downloaded from Twitter, and we did not observe what mechanism was used to deliver it to victims. The malware associated with these memes was proactively blocked by Trend Micro machine learning and behavioral detection technology at the time of discovery.

This new threat (detected as ) is notable because its commands arrive through a legitimate service that is also a popular social networking platform, because it relies on benign-looking yet malicious memes, and because the channel cannot be taken down unless the malicious Twitter account is disabled. Twitter had already taken the account offline as of December 13, 2018.

Hidden inside the memes is the "/print" command, which instructs the malware to take a screenshot of the infected machine. Once the malware is running on an infected machine, it downloads the malicious memes from the Twitter account, parses the embedded command, and, in the case of "/print", captures a screenshot. It then obtains the control server address from a hard-coded URL on Pastebin and uploads the collected information or command output to that address.

Users and businesses can consider adopting security solutions that protect systems from a range of threats, including malware that communicates through benign-looking images, using a cross-generational blend of threat defense techniques. Trend Micro endpoint solutions such as the Smart Protection Suites and Worry-Free Business Security can protect users and businesses by detecting malicious files and messages and blocking related malicious URLs. Trend Micro™ Deep Discovery™ includes an email inspection layer that detects malicious attachments and URLs. These solutions are powered by Trend Micro XGen™ security, which provides high-fidelity machine learning to secure the gateway and endpoint and to protect physical, virtual, and cloud workloads.
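The post does not say how the command is encoded inside the memes, only that the image still looks benign and that the malware parses a "/print" command out of it. The following added example (not code from the post or from the malware) assumes the simplest common encoding, appending the command after the PNG IEND chunk, and shows both sides: an attacker-style function that plants the command, a parser that emulates how a sample might recover it, and a scanner a defender could run over downloaded images to flag trailing data. The image bytes and the `KNOWN_COMMANDS` set are constructed for the example; the actual command set and encoding used by this campaign are assumptions here.

```python
"""Added example, not from the Trend Micro post: a C&C command such as "/print"
hidden after a valid PNG's IEND chunk, plus a scanner that flags such images.

ASSUMPTION: the campaign's real encoding is not given in the post; appending
data after IEND is one common technique and is what this example models.
The PNG below is constructed inline, not taken from the campaign."""
import struct
import zlib
from typing import Iterator, Optional, Tuple

PNG_SIG = b"\x89PNG\r\n\x1a\n"
KNOWN_COMMANDS = {"/print"}  # "/print" is the only command named in the post


def _chunk(ctype: bytes, data: bytes) -> bytes:
    """Serialize one PNG chunk: big-endian length, type, data, CRC-32(type+data)."""
    crc = zlib.crc32(ctype + data) & 0xFFFFFFFF
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", crc)


def make_png(width: int = 1, height: int = 1) -> bytes:
    """Build a minimal valid 8-bit RGB PNG (constructed test image, solid red)."""
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 2, 0, 0, 0)
    # One scanline per row: filter byte 0 followed by width RGB pixels.
    raw = b"".join(b"\x00" + b"\xff\x00\x00" * width for _ in range(height))
    return (PNG_SIG + _chunk(b"IHDR", ihdr)
            + _chunk(b"IDAT", zlib.compress(raw)) + _chunk(b"IEND", b""))


def embed_command(png: bytes, command: str) -> bytes:
    """Attacker side (assumed technique): append the command after IEND.
    Image viewers stop at IEND, so the meme still renders normally."""
    return png + command.encode()


def iter_chunks(png: bytes) -> Iterator[Tuple[bytes, bytes, int]]:
    """Walk the chunk list, verifying each CRC; yield (type, data, end_offset).
    Stops after IEND so that anything past it is never parsed as a chunk."""
    if not png.startswith(PNG_SIG):
        raise ValueError("not a PNG")
    pos = len(PNG_SIG)
    while pos + 8 <= len(png):
        length, ctype = struct.unpack(">I4s", png[pos:pos + 8])
        data = png[pos + 8:pos + 8 + length]
        (crc_expect,) = struct.unpack(">I", png[pos + 8 + length:pos + 12 + length])
        if zlib.crc32(ctype + data) & 0xFFFFFFFF != crc_expect:
            raise ValueError(f"bad CRC in {ctype!r} chunk")
        pos += 12 + length
        yield ctype, data, pos
        if ctype == b"IEND":
            return
    raise ValueError("truncated PNG (no IEND)")


def trailing_data(png: bytes) -> bytes:
    """Defender side: every byte after the IEND chunk. Empty for a clean image."""
    for ctype, _data, end in iter_chunks(png):
        if ctype == b"IEND":
            return png[end:]
    return b""


def extract_command(png: bytes) -> Optional[str]:
    """Emulate a bot's parser: trailing text beginning with '/' is a command."""
    tail = trailing_data(png).strip()
    if tail.startswith(b"/"):
        return tail.decode(errors="replace")
    return None


def scan(png: bytes) -> dict:
    """Scanner verdict for one image. Any trailing data is worth a look;
    a recognised command string is a strong indicator."""
    tail = trailing_data(png)
    cmd = extract_command(png)
    return {"trailing_bytes": len(tail),
            "suspicious": len(tail) > 0,
            "known_command": cmd in KNOWN_COMMANDS}


if __name__ == "__main__":
    clean = make_png()
    meme = embed_command(clean, "/print")
    print(scan(clean))   # trailing_bytes 0, not suspicious
    print(scan(meme))    # trailing_bytes 6, suspicious, known command
```

Trailing bytes after IEND are a useful hunting signal because benign encoders do not produce them, but they are not proof on their own: some tools pad files, and a real sample may instead hide the command in a text chunk, in pixel data, or in EXIF. A production check would therefore also parse `tEXt`/`iTXt` chunks and, for JPEG memes, look past the EOI marker (`FF D9`), and it would treat the command vocabulary as unknown rather than fixed to `/print`.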