Hackers Hide Malware in Stunning Images Taken by James Webb Space Telescope

Discussion in 'other security issues & news' started by hawki, Aug 31, 2022.

  1. hawki

    hawki Registered Member

    "A persistent Golang-based malware campaign dubbed GO#WEBBFUSCATOR has leveraged the deep field image taken from NASA's James Webb Space Telescope (JWST) as a lure to deploy malicious payloads on infected systems...

    Phishing emails containing a Microsoft Office attachment act as the entry point for the attack chain that, when opened, retrieves an obfuscated VBA macro, which, in turn, is auto-executed should the recipient enable macros.

    The execution of the macro results in the download of an image file "OxB36F8GEEC634.jpg" that seemingly is an image of the First Deep Field captured by JWST but, when inspected using a text editor, is actually a Base64-encoded payload..."

    https://thehackernews.com/2022/08/hackers-hide-malware-in-stunning-images.html
    "
     
    hawki, Aug 31, 2022
    #1
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice