Stegosploit Hidden Image Code is the Future of Online Attacks

Uploaded on 2015-06-09 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Stegosploit-slide.jpg

The security researcher Saumil Shah from Net Square security has presented at Hack In The Box conference in Amsterdam his Stegosploit project which allows an attacker to embed executable JavaScript code within an image to trigger a drive-by download.

The Stegosploit digital steganography project could open new scary scenarios for Internet users that could be infected by viewing a picture on any website, even without clicking on it or downloading it. The image could be the container for the priming of the malware. Shah has no doubts, Stegosploit could be the future of online attacks.

When an Internet user views the image, the hidden script would automatically load on the host the malicious code that could be used for various purposes, including control victim’s device and steal sensitive data.

The expert highlighted that antivirus software and malware detection solutions are not able to detect the Stegosploit leaving users open to any kind of attack.

Steganography was previouslyy exploitedby malware authors to hide information used by their malicious codes (i.e. C&C addresses or botnet parameters), but as Shah explained “Stegosploit” tool Shah takes the stenographic approach to a new level where exploits are delivered not only in plain sight, but also “with style.”
Shah has worked on Stegosploit technique to hide executable code within an image and execute the same code in a web browser supporting HTML 5 Canvas. The expert exploits HTML5 CANVAS to read image pixel data using Java Script and decode the image within the browser.

Shah demonstrated Stegosploit for the first time in March at the SyScan, initially the hacking technique required using two distinct images respectively to contain the executable code and code to decode it. Further efforts in the research on Stegosploit allowed its improvement, Shah succeeded to embed both the executable code and the decoder within the same image (PNG and JPEG).

Security firms are not aware of cases of this Stegosploit technique being used in the wild, but they fear that it will become soon a scaring reality.
Security Affairs:  http://bit.ly/1KeTvkB

« How to Stalk Someone’s Location on Facebook
US Stuxnet Attack Against N. Korea Failed »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Alert Logic

Alert Logic

Alert Logic delivers unrivaled security for any environment, delivering industry-leading managed detection and response (MDR) and web application firewall (WAF) solutions.

SCIS Security

SCIS Security

SCIS Security provides affordable cyber security services and solutions to small to medium sized businesses and homes.

Phew

Phew

Phew are New Zealand cyber security specialists with expertise and experience forged in global financial markets, IT&T, management consulting and SME business management.

Beazley

Beazley

Beazley are a specialist insurer with three decades of experience in providing clients with the highest standards of underwriting and claims service worldwide.

CloudBolt Software

CloudBolt Software

CloudBolt provide solutions for your toughest cloud challenges. From automation, to cost and security, and hybrid IT governance — we have you covered.

TestArmy

TestArmy

TestArmy CyberForces provide you with a broad spectrum of cybersecurity services to test every aspect of your IT infrastructure security and software development process.

Have I Been Pwned (HIBP)

Have I Been Pwned (HIBP)

Have I Been Pwned is a free resource for anyone to quickly assess if they may have been put at risk due to an online account of theirs having been compromised or "pwned" in a data breach.

SpeQtral

SpeQtral

SpeQtral offers commercial space-based Quantum Key Distribution (QKD) founded on technology developed at the National University of Singapore.

Moro Hub

Moro Hub

Moro Hub, a subsidiary of Digital DEWA, is a UAE-based digital data hub focused on digital transformation and operational services.

LayerX Security

LayerX Security

LayerX's user-first browser security platform turns any browser into the most protected & manageable workspace, by providing real-time monitoring and governance over users’ activities on the web.

VulnCheck

VulnCheck

VulnCheck helps organizations outpace adversaries with vulnerability intelligence that predicts avenues of attack with speed and accuracy.

Quarkslab

Quarkslab

Quarkslab is a dedicated team of cyber-security engineers and developers. We aim at forcing the attackers, not the defender, to adapt constantly.

Carahsoft Technology Corp

Carahsoft Technology Corp

Carahsoft Technology is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets.

Espria

Espria

Espria is a leading independent managed service provider with expertise in Cloud, IT, Communications and Document Solutions.

Zafran

Zafran

Zafran is a Risk & Mitigation Platform that defuses threat exploitation by mobilizing existing security tools.

Icon Information Systems (ICONIS)

Icon Information Systems (ICONIS)

ICONIS is an integrated infrastructure and service provider, offering unified Information Technology (IT) solutions globally.