Images Spreading Malware Through Stegosploit Tool


Attacks are now arriving through Internet images using the Stegosploit tool, which allows hackers to bind malware into an image.

Security researcher Saumil Shah has developed the Stegosploit tool, with which hackers can hide executable JavaScript code within an image to trigger a drive-by download.

The Internet is becoming a major source of media and, eventually, a hub for all kinds of advertisements. Hence, we see so many innocent images scattered all over the Internet. Security researcher Saumil Shah feels that it is this field which the next generation of cyber attackers could exploit.

Saumil Shah, a security researcher from Net Square security, recently presented his Stegosploit project at the Hack In The Box conference held in Amsterdam. During the conference he demonstrated an updated method of his digital steganography project, known as the Stegosploit tool, which allows hackers to hide executable JavaScript code within an image to trigger a drive-by download.


What does it mean?

In layman's terms, it would simply mean that going forward there is a chance that people might transfer potentially dangerous malware onto their devices simply by viewing an innocent-looking image, even without clicking or downloading that image. While someone views an image, the hidden malware may get downloaded onto the computer, smartphone or tablet without the knowledge and consent of the user. This worm or malware can be very dangerous because it can steal the user's confidential data such as pictures, login credentials, financial data etc. The worst part here is that the antivirus and malware detection scanners of the present day aren't equipped to detect these kinds of cyber attacks.

Steganography: It is a technique of transmitting a message in hidden form, in such a way that the message becomes part of something else, such as an image, an article, a shopping list or even cover text. This technique has been in use since 1499, and one striking example of steganography is a hidden message written in invisible ink between the visible lines of an innocent, friendly letter.

In the case of cryptography, the encrypted message usually attracts much interest. In the case of steganography, however, the secret message does not draw any attention and is thus saved from unwanted scrutiny. This is why steganography is preferred over cryptography.

While speaking to iDigitalTimes, Shah said:

Finally, Shah discovered that executable code can be embedded in an image and then executed in the web browser. Thus, Shah created his own tool, 'Stegosploit', with which he was able to hide executable code within an image and then execute the same code in a web browser that supports HTML5 Canvas. Further, the tool uses JavaScript to read the image pixel data and decodes the image within the browser, thus exploiting the HTML5 Canvas.

Using this Stegosploit tool, Shah has been taking known exploits in Chrome, Safari, Explorer and other HTML5 Canvas supporting browsers and coding these exploits into the image layers. Shah has dubbed the resultant files IMAJS (image + JavaScript): a file that loads as JavaScript in a browser and renders as an image as well as an executable. Thus Shah was able to hide two completely different kinds of content in one single file, delivering malicious content within the images.

During the encoding process, the image may appear completely unchanged, depending on which layer the JavaScript has been embedded in. The Stegosploit technique is able to distribute the executable code around the inside of an image file, which makes it next to impossible for present antivirus programs to detect. To detect this hidden code, the antivirus would have to scan each and every byte in an image, which would directly affect the speed of the Internet.

It was in the month of March that Shah gave the first demonstration of his Stegosploit tool at SyScan. At that time, the technique rendered the malware by using two images: one would contain the executable code and the other would contain the code to decrypt it. However, Shah has worked further on his technique, and now both the executable and the decoder code are embedded within the same image. The technique is possible with PNG as well as JPEG images. Further, as long as the size of the file remains unchanged, it can be added to any webpage, including Twitter, Imgur, Instagram, dating profiles and many more.

People who view images and pictures online could be easily exploited, because the malware gets downloaded simply by viewing and doesn't need to be clicked or downloaded. This could be a major technique that cyber attackers exploit in the near future. Shah is pretty confident that we are going to witness these attacks soon, though as of now there aren't any cases of hackers using this method yet.
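What scanning every layer looks like in practice, as an added example that is not Stegosploit's or Shah's code: it rebuilds each bit plane of canvas-style RGBA pixel data and flags planes that contain a long run of readable text. It assumes a "layer" means one bit position of one colour channel; the function names are hypothetical, the sample pixels and marker string are constructed, and the heuristic only catches plain-text script.

```javascript
// Added example (not Stegosploit code). Assumption: layer = one bit (0-7) of one colour channel.

// Rebuild bytes from bit `bit` of channel `ch` of each pixel, MSB first.
function extractPlane(rgba, ch, bit) {
  const out = new Uint8Array(Math.floor(rgba.length / 32));
  for (let i = 0; i < out.length * 8; i++) {
    out[i >> 3] = (out[i >> 3] << 1) | ((rgba[i * 4 + ch] >> bit) & 1);
  }
  return out;
}

// Longest run of printable ASCII (plus tab/newline); pixel noise rarely forms one.
function longestPrintableRun(bytes) {
  let best = 0, cur = 0;
  for (const c of bytes) {
    const printable = (c >= 0x20 && c < 0x7f) || c === 0x09 || c === 0x0a;
    cur = printable ? cur + 1 : 0;
    if (cur > best) best = cur;
  }
  return best;
}

// Check all 24 colour planes; hidden text may sit in any of them.
function scanImage(rgba, minRun = 24) {
  const hits = [];
  for (let ch = 0; ch < 3; ch++) {
    for (let bit = 0; bit < 8; bit++) {
      const run = longestPrintableRun(extractPlane(rgba, ch, bit));
      if (run >= minRun) hits.push({ channel: "RGB"[ch], bit, run });
    }
  }
  return hits;
}

// Constructed test fixture: 32x32 pseudo-random pixels with a harmless
// marker string written into one plane (red channel, bit 2).
function makeSample(marker) {
  const rgba = new Uint8ClampedArray(32 * 32 * 4);
  let seed = 12345;
  for (let i = 0; i < rgba.length; i++) {
    seed = (Math.imul(seed, 1664525) + 1013904223) >>> 0;
    rgba[i] = seed >>> 24; // high byte of a simple LCG as pixel noise
  }
  for (let i = 0; i < marker.length * 8; i++) {
    const b = (marker.charCodeAt(i >> 3) >> (7 - (i & 7))) & 1;
    rgba[i * 4] = (rgba[i * 4] & ~4) | (b << 2);
  }
  return rgba;
}
```

In a browser, the same `scanImage` call would take the `data` array returned by the canvas `getImageData` method.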

Shah said: “I can’t be the only guy that thought this up. When I think of something I want to bring it out into the light and say ‘here’s a technique that’s very difficult to do but have at it. Use your creative thinking and find out some defences against, because this thing is coming”.

This was Saumil Shah's whole statement about these cyber attacks.
