Attackers Connect with Malware via Malicious Memes

Kacy Zurkus | December 18, 2018

A new type of malware has been found listening for commands from malicious memes posted on Twitter, according to new research from Trend Micro. Cyber-criminals are using the social site as an unwilling conduit for the malware's communication with its mothership through the use of steganography, a tactic that hides a payload inside an image in order to evade detection. The payload also instructs the malware to take a screenshot and collect system information from the infected computer, Aliakbar Zahravi wrote in a recent blog post.

“This new threat (detected as TROJAN.MSIL.BERBOMTHUM.AA) is notable because the malware’s commands are received via a legitimate service (which is also a popular social networking platform), employs the use of benign-looking yet malicious memes, and it cannot be taken down unless the malicious Twitter account is disabled. Twitter has already taken the account offline as of December 13, 2018,” the blog said.

In late October, the malware authors posted malicious memes in two separate tweets. Using a Twitter account run by the malware operator, the malware listens for a command embedded in the memes. Once a meme is downloaded from the Twitter account onto the victim’s machine, the malware parses it for the command, with the Twitter account acting as the command-and-control (C&C) service for the malware, according to Zahravi.

“This isn’t the first occurrence of malware using popular websites to obscure command-and-control features. Most organizations will allow popular websites through their firewalls, so malware communicating with these sites can blend in with a large pipe of network data,” said Travis Smith, principal security researcher at Tripwire. “A slight uptick in a few bytes of data to Twitter is less of an anomaly than a few bytes of data going to an unknown IP address for the first time.

“What’s unique here is the use of steganography to obscure the commands even further. This tells me the authors of this malware are concerned more about folks scanning websites like Twitter or PasteBin for typical command-and-control or other malware functions in the text of those services.”
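The article does not say how the command is embedded in the meme. As an added example (not from Trend Micro or the original article), the Python check below covers one common placement, data appended after a JPEG's end-of-image marker, by walking the segment structure so that marker bytes inside metadata are not mistaken for the real end. The function names and sample bytes are constructed for illustration.

```python
import struct

NO_LENGTH = {0x01} | set(range(0xD0, 0xD8))  # TEM and RST0-RST7 carry no length field


def jpeg_trailing_data(data: bytes) -> bytes:
    """Return the bytes that follow the JPEG end-of-image marker (b'' if none)."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    i = 2
    while i + 1 < len(data):
        if data[i] != 0xFF:
            raise ValueError(f"expected a marker at offset {i}")
        marker = data[i + 1]
        if marker == 0xFF:                 # fill byte before a marker
            i += 1
        elif marker == 0xD9:               # EOI: anything after this is extra
            return data[i + 2:]
        elif marker in NO_LENGTH:
            i += 2
        else:
            if i + 4 > len(data):
                break
            (length,) = struct.unpack(">H", data[i + 2:i + 4])
            if length < 2:
                raise ValueError(f"bad segment length at offset {i}")
            i += 2 + length                # skip the segment, thumbnails included
            if marker == 0xDA:             # SOS: skip entropy-coded scan data
                while i + 1 < len(data):
                    nxt = data[i + 1]
                    if data[i] == 0xFF and nxt not in (0x00, 0xFF) and not 0xD0 <= nxt <= 0xD7:
                        break              # a real marker ends the scan
                    i += 1
    raise ValueError("truncated JPEG: no EOI marker")


def build_sample(trailer: bytes = b"") -> bytes:
    """Constructed JPEG skeleton (structure only, not a viewable image)."""
    app0 = b"\xff\xe0" + struct.pack(">H", 6) + b"\xff\xd9AB"  # decoy EOI bytes in metadata
    sos = b"\xff\xda" + struct.pack(">H", 3) + b"\x00"
    scan = b"\x12\xff\x00\x34\xff\xd0\x56"                     # stuffed FF00 and an RST marker
    return b"\xff\xd8" + app0 + sos + scan + b"\xff\xd9" + trailer


def triage(images: dict) -> dict:
    """Map image name -> size of trailing data, for images that have any."""
    sizes = {name: len(jpeg_trailing_data(blob)) for name, blob in images.items()}
    return {name: size for name, size in sizes.items() if size}


if __name__ == "__main__":
    print(triage({"clean.jpg": build_sample(),
                  "meme.jpg": build_sample(b"CONSTRUCTED-HIDDEN-COMMAND")}))
```

A clean result only rules out this one placement; commands hidden in pixel data or metadata fields need other checks.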
