Naive question ?

Discussion in 'malware problems & news' started by justlearning, Mar 30, 2014.

Thread Status:
Not open for further replies.
  1. justlearning

    justlearning Registered Member

    Joined:
    Mar 30, 2014
    Posts:
    2
    Location:
    netherlands
    Hello folks ...

    new member here , just trying to learn my way into IT security...:) still a rookie though.

    I would just wondering If any concerns regarding sites hosting multimedia files .
    especially jpg could considered to be safe.
    In particular after the reports in jpg malware concealed with steganography .

    A relevant article is this : http://www.techworm.net/2014/02/new-variant-of-zeus-banking-trojan.html

    As it is mentioned , a usual method is Malvertising .
    For me the things to be concerned about would be :

    a. In sites like, let's say, tinypic.com or imageshack, would the mere viewing a jpg be hazardous ?
    b. what kind of browser is safer in navigating in these cases
    personally I use Chrome and Firefox
    c. Is an extension or add-on like NoScript or Adblock helpful or pretty much useless ?

    I know these are rather clueless questions of but I would be obliged If someone could throw a piece of advice.

    Thanks ...cheers :)
     
    justlearning, Mar 30, 2014
    #1
  2. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    The jpeg contains the Zeus configuration. Zeus still needs to load into the system before been able to read the configuration.
    So, in short: if you open a Zeus jpeg you don't get infected! :D
     
    fax, Mar 31, 2014
    #2
  3. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    I agree.

    It's 2014 and Microsoft Windows PCs can still be owned by a JPEG.

    IMHO NoScript and Adblock Plus are both quite useful in avoiding exposure to malware.
     
    MrBrian, Mar 31, 2014
    #3
  4. justlearning

    justlearning Registered Member

    Joined:
    Mar 30, 2014
    Posts:
    2
    Location:
    netherlands
    My sincere gratitude to both repliers .
    I would like to add some more wood in the fire , though ;)

    1) When I visited a certain web page which provided image hosting, my NoScript app warned me of an xss event . Not only that , but also in the event log there was a registration of a JavaInjection atempt in the aforementioned webpage. From what I understand so far java Injection is a method used in order to embed executable code in a presumably trusted site.
    I could paste the exact code as it was recorded ( If anyone can comprehend gibberish :ouch: )

    any cents on that one ?

    2) the second concern has to do with the csrss.exe file, as it is shown in the taskbar, not co certain though , still working on it


    How about number one , at first , any opinions ....? :)
     
    justlearning, Apr 2, 2014
    #4
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...