Cyber criminals have learned to hide viruses in memes

Date: 2018-12-19 19:30:07


Criminals learned long ago to disguise malicious programs as ordinary files. To a novice user, an ordinary mp3 file, a jpeg picture or a Word document in doc format arouses no suspicion. Sometimes the file even opens and performs its normal function. Such files can nevertheless contain malware, and antivirus software fights it successfully. But as it turns out, the old method has been adapted to hide viruses in meme images.

Note that everything discussed here so far applies only to one social network. However, now that the vulnerability has appeared, there is no guarantee that other platforms will not become dangerous in the future.

The "infected" memes look like ordinary pictures at first glance, with one exception: the file's code contains an embedded command, which is activated remotely after the file has been downloaded to your PC when you view an infected tweet. Note that the malware itself is not downloaded from Twitter. The social network merely acts as temporary storage for the commands that are downloaded.


[Image: analysis of the malware code]

[Image: screenshot of an infected Twitter account]

After reaching the computer, the program starts to act like a Trojan and downloads data from the Pastebin service. The virus then reads the ID of the meme and executes every command that starts with "/", sending the data to the criminals. Trend Micro found in the course of its investigation that the malware authors published two tweets with malicious memes on October 25 and 26 via a Twitter account created in 2017. The following commands were found in these files: "/print" (capture the screen), "/processos" (data about the running processes), "/clip" (information on the clipboard), "/username" (data about the account) and "/docs" (the names of the files in a directory).

Twitter's administration and those who found the dangerous code have already taken a number of measures to prevent the spread of viruses in social networks. Still, we advise you not to subscribe to doubtful accounts and to refrain for a while from reading the Twitter feed on a personal computer. Smartphones are currently not affected by this vulnerability.
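A defender-side check for the command strings listed above, added here as an example and not taken from Trend Micro or the article. The article does not say how the command is embedded, so this sketch assumes it sits as plain text in a JPEG comment segment or after the end-of-image marker. The function names and the sample bytes are constructed for illustration.

```python
import struct

# Command tokens named in the article.
COMMANDS = (b"/print", b"/processos", b"/clip", b"/username", b"/docs")

def hidden_regions(jpeg: bytes):
    """Yield (label, bytes) for JPEG areas that image viewers do not render."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI marker)")
    pos = 2
    while pos + 4 <= len(jpeg):
        if jpeg[pos] != 0xFF:
            raise ValueError(f"bad marker at offset {pos}")
        marker = jpeg[pos + 1]
        (length,) = struct.unpack(">H", jpeg[pos + 2:pos + 4])
        if marker == 0xFE:  # COM segment: free-form text
            yield "comment", jpeg[pos + 4:pos + 2 + length]
        if marker == 0xDA:  # SOS: compressed data runs up to EOI
            # Simplification: take the first FFD9 after the first scan header.
            eoi = jpeg.find(b"\xff\xd9", pos + 2 + length)
            if eoi != -1 and jpeg[eoi + 2:]:
                yield "trailing", jpeg[eoi + 2:]
            return
        pos += 2 + length

def find_commands(jpeg: bytes):
    """Return (region, command) pairs for every listed token found."""
    hits = []
    for label, blob in hidden_regions(jpeg):
        lowered = blob.lower()
        hits += [(label, c.decode()) for c in COMMANDS if c in lowered]
    return hits

def sample(comment=b"", trailer=b""):
    """Constructed JPEG-shaped bytes for testing (not a decodable picture)."""
    app0 = b"\xff\xe0" + struct.pack(">H", 16) + b"JFIF\x00" + bytes(9)
    com = b"\xff\xfe" + struct.pack(">H", len(comment) + 2) + comment if comment else b""
    sos = b"\xff\xda" + struct.pack(">H", 8) + bytes(6) + b"\x12\x34\xff\x00\x56"
    return b"\xff\xd8" + app0 + com + sos + b"\xff\xd9" + trailer

if __name__ == "__main__":
    print(find_commands(sample()))                   # clean file
    print(find_commands(sample(trailer=b"/print")))  # token appended after EOI
```

A hit is only a lead for triage: short tokens such as "/docs" can occur in harmless metadata, and a command hidden in pixel data would not be found this way.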
