=======================================================
Trojan that hides inside images infects healthcare organizations
By Lucian Constantin
IDG News Service | Jun 25, 2015 12:54 PM PT
More than 66 percent of the malware's victims were
A computer Trojan that hides its malicious code inside
PNG image files counts healthcare organizations in the U.S. among its primary
targets.
The Stegoloader Trojan uses digital steganography
techniques to sneak past computer and network defenses. It originally appeared
in 2012, but has seen a resurgence over the past several months.
According to a recent report from Dell SecureWorks, the
Trojan is designed to steal files, information and passwords from infected
systems, but has additional modules that extend its functionality.
During the Stegoloader infection process, a temporary
deployment component downloads a PNG file from the Internet. This is a
functional image file, but hidden inside, among its pixels, are small bits of
encrypted code that get extracted and are used to reconstruct the Trojan's main
module.
Neither the PNG image nor the Trojan's main module is
ever saved to disk. Instead, the whole process happens in the computer's memory
and the Trojan is loaded directly into memory as well.
The technique of using fileless components has
increasingly been used by malware authors over the past couple of years,
including by cyberespionage groups. It makes malware threats much harder to
detect and investigate.
Using digital steganography to hide malicious code is not
new either, but it's an increasingly used technique. The goal is to bypass
network-level malware scanners that inspect content flowing in and out of the
network.
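
As an added illustration (not part of the original article or the Dell SecureWorks report), the Python code below shows one check a content scanner could run on a downloaded PNG: it decodes the pixel samples and measures whether their lowest bits look random, as they would if encrypted data had replaced them. That the hidden bits sit in the least-significant bits is an assumption, since the article does not say where they are placed; the function names and sample data are constructed for the example.

```python
import random, struct, zlib

def paeth(a, b, c):
    p = a + b - c  # PNG Paeth predictor; ties resolve in the order left, up, upper-left
    return min((abs(p - a), 0, a), (abs(p - b), 1, b), (abs(p - c), 2, c))[2]

def png_samples(data):
    """Decode an 8-bit, non-interlaced, non-palette PNG to raw sample bytes."""
    if data[:8] != b"\x89PNG\r\n\x1a\n":
        raise ValueError("not a PNG")
    pos, idat, hdr = 8, b"", None
    while pos + 8 <= len(data):
        length, kind = struct.unpack(">I4s", data[pos:pos + 8])
        body = data[pos + 8:pos + 8 + length]
        if kind == b"IHDR":
            hdr = struct.unpack(">IIBBBBB", body)
        elif kind == b"IDAT":
            idat += body
        pos += 12 + length
    if hdr is None or hdr[2] != 8 or hdr[3] == 3 or hdr[6]:
        raise ValueError("unsupported PNG layout for this example")
    width, height, bpp = hdr[0], hdr[1], {0: 1, 2: 3, 4: 2, 6: 4}[hdr[3]]
    stride, raw, out = width * bpp, zlib.decompress(idat), bytearray()
    prev = bytearray(stride)
    for y in range(height):
        start = y * (stride + 1)
        ftype, line = raw[start], bytearray(raw[start + 1:start + 1 + stride])
        for i in range(stride):
            a, c = (line[i - bpp], prev[i - bpp]) if i >= bpp else (0, 0)
            pred = (0, a, prev[i], (a + prev[i]) // 2, paeth(a, prev[i], c))[ftype]
            line[i] = (line[i] + pred) & 0xFF  # undo the per-row filter
        out += line
        prev = line
    return bytes(out)

def lsb_pair_score(samples):
    """Mean chi-square per value pair (2k, 2k+1); about 1.0 when LSBs look random."""
    if not samples:
        raise ValueError("no samples")
    hist = [0] * 256
    for s in samples:
        hist[s] += 1
    pairs = [(hist[v], hist[v + 1]) for v in range(0, 256, 2) if hist[v] + hist[v + 1]]
    return sum((e - o) ** 2 / (e + o) for e, o in pairs) / len(pairs)

# Constructed samples (assumption: payload bits replace sample LSBs): flat graphic, then random low bits.
rng = random.Random(2015)
CLEAN = bytes(rng.choice((32, 96, 160, 224)) for _ in range(64 * 64 * 3))
NOISY = bytes((s & 0xFE) | rng.getrandbits(1) for s in CLEAN)
```

A score near 1.0 is a triage signal rather than proof, since noisy photographs can also score low, while flat graphics such as the constructed sample score far higher.
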
According to statistics from antivirus vendor Trend
Micro, over the past three months Stegoloader infections were detected
primarily inside organizations from the healthcare, financial, and
manufacturing industries. Over 66 percent of the victims were from the U.S.