New Malware Using Steganography

New Malware Using Steganography

Hello Everyone!

This week I read about a new threat in the world of cybersecurity. And it comes from an old concept: steganography. Yes, as the old saying goes, what is old is new again. And that is as true in IT as it is in any other field.

The payload of this malware isn’t any different than what we’ve seen malware do in the past. It still can do things like log your keystrokes, add your computer to a botnet, use your CPU and/or GPU for Bitcoin mining, etc. That part of it hasn’t changed.

What has changed though is the way that this kind of malware spreads. Instead of hiding inside an attachment, being part of a compromised website in a Cross-Site Scripting (XSS) attack, or propagating over an SMB file shares that was foolishly exposed to the internet. No, this malware hides in plain sight: inside the pictures on our webpages. And the worst part is that even very security-conscious people that use things like NoScript religiously are not protected from this issue

Now the first thing that came to my mind when I read this was how the Tor Browser blocks some HTML5 elements by default (in addition to having add-ons like NoScript installed by default). This got me asking myself if that meant that the Tor browser would protect you from such attacks.

What do you think? Does the Tor Browser make it less likely for you to get infected by these sorts of attacks? Let me know in the comments.

Leave a Reply