Recently it has been “viralized” an image of Mario (of Super Mario Bros), which, by steganográfia methods, hides malicious code in the pixels of the image downloaded by a banking malware called “Ursnif”.

Matthew Rowen and Tim Howes, Bromium researchers, They found an Excel file that ran different macros. Among the different macros, There is one that verifies the place where the Excel has been executed, if you are in Italy, Other macros, which download malicious code, will run immediately. These will download the image of Mario, which in turn, will execute PowerShell code thus downloading different malware on your computer.

The use of steganográfia techniques are used by cybercriminals to hide malicious content in multimedia files without being detected, This causes users to “trust each other” when opening content. In this case, Used 4 lower bits in blue tones, that although the human eye does not appreciate change, is enough space to hide a code.

The resulting code after analyzing the image gave a very obfuscated PowerShell code, But it didn't take long for them to realize that it was actually base64 encrypted and when they cleaned up the code they got the final version., which downloads malware onto computers.

What do you think of all this??


Leave a Reply

Your email address will not be published. Required fields are marked *

More news
A
Read more »
A researcher manages to hack some concert tickets using AI
Read more »
Una nueva campaña de phishing suplanta a ChatGPT
Read more »
Nintendo suffers a data breach through a supplier
Read more »
Trying to make fun of a scammer is not a very good idea
Read more »