New Stegosploit Tool Hides Malware Inside Internet Images For Instant Drive-by PwningJune 1, 2015 – 4:36 AM
Go online for five minutes. Visit a few webpages. How many pictures do you see?
In plain speak, this means virtually any picture you view on the web, even without clicking on it or downloading it, could potentially contain malware. Upon viewing the image, the hidden program would automatically load on your computer or mobile device without your consent. That malicious software could then do a variety of nasty things from taking control of your device to stealing data, photos, login credentials, sensitive personal and financial information and more. The best part of all, antivirus and malware detection scanners are not, at this time, equipped to detect these kinds of attacks, rendering your safety net completely useless.
While using steganography to convey hidden messages is nothing new, the attack method Shah has developed is, and in his opinion, could be the future of online attacks.