Stegosploit Hidden Image Code is the Future of Online Attacks

Please log in to browse. Login now
Uploaded on 2015-06-09 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Stegosploit-slide.jpg

The security researcher Saumil Shah from Net Square security has presented at Hack In The Box conference in Amsterdam his Stegosploit project which allows an attacker to embed executable JavaScript code within an image to trigger a drive-by download.

The Stegosploit digital steganography project could open new scary scenarios for Internet users that could be infected by viewing a picture on any website, even without clicking on it or downloading it. The image could be the container for the priming of the malware. Shah has no doubts, Stegosploit could be the future of online attacks.

When an Internet user views the image, the hidden script would automatically load on the host the malicious code that could be used for various purposes, including control victim’s device and steal sensitive data.

The expert highlighted that antivirus software and malware detection solutions are not able to detect the Stegosploit leaving users open to any kind of attack.

Steganography was previouslyy exploitedby malware authors to hide information used by their malicious codes (i.e. C&C addresses or botnet parameters), but as Shah explained “Stegosploit” tool Shah takes the stenographic approach to a new level where exploits are delivered not only in plain sight, but also “with style.”
Shah has worked on Stegosploit technique to hide executable code within an image and execute the same code in a web browser supporting HTML 5 Canvas. The expert exploits HTML5 CANVAS to read image pixel data using Java Script and decode the image within the browser.

Shah demonstrated Stegosploit for the first time in March at the SyScan, initially the hacking technique required using two distinct images respectively to contain the executable code and code to decode it. Further efforts in the research on Stegosploit allowed its improvement, Shah succeeded to embed both the executable code and the decoder within the same image (PNG and JPEG).

Security firms are not aware of cases of this Stegosploit technique being used in the wild, but they fear that it will become soon a scaring reality.
Security Affairs:  http://bit.ly/1KeTvkB

« How to Stalk Someone’s Location on Facebook
US Stuxnet Attack Against N. Korea Failed »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Bishop Fox

Bishop Fox

Bishop Fox is a leading authority in offensive security, providing solutions ranging from continuous penetration testing and attack surface management to product and application security assessments.

CloudEndure

CloudEndure

CloudEndure offers Disaster Recovery and Continuous Replication for the Cloud.

Datiphy

Datiphy

Datiphy's data-centric security platform uses behavioral analytics, and data-centric auditing and protection capabilities to mitigate risk.

Yokogawa Electric

Yokogawa Electric

Yokogawa is an electrical engineering company providing measurement, control, and information technologies including industrial cyber security.

PETRAS IoT Hub

PETRAS IoT Hub

PETRAS is a consortium of 12 research institutions and the world’s largest socio-technical research centre focused on the future implementation of the IoT.

TechCERT

TechCERT

TechCERT is Sri Lanka’s first and largest Computer Emergency Readiness Team (CERT).

Cyber Army Indonesia (CyberArmyID)

Cyber Army Indonesia (CyberArmyID)

Cyber Army Indonesia (CyberArmyID) is the first platform in Indonesia to collect and validate reports from hackers (referred to as Bug Hunter) regarding vulnerabilities that exist in an organization.

Data Protection People

Data Protection People

Data Protection People are specialists in Data Privacy, Governance, and Information Security.

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71)

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71)

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71) is Singapore's first cybersecurity entrepreneur hub.

DreamIt Ventures

DreamIt Ventures

DreamIt Ventures is an early stage venture fund that accelerates startups building transformative tech products in the fields of Healthtech, Securetech, and Urbantech.

Scout Ventures

Scout Ventures

Scout Ventures is an early stage venture capital firm that is making the world a better, safer place by cultivating standout frontier technologies.

Optimum Speciality Risks

Optimum Speciality Risks

Optimum Speciality Risks are an experienced team of cyber insurance experts, backed by Lloyds of London.

Traced

Traced

At Traced, our aim is to redefine mobile cyber security to provide the best possible protection to everyone against breaches of privacy and security.

CyberHunter Solutions

CyberHunter Solutions

CyberHunter is a leading website security company that provides penetration testing, Network Vulnerability Assessments, cyber security consulting services to prevent cyber attacks.

Capgemini

Capgemini

Capgemini is one of the world's foremost providers of consulting, technology and outsourcing services. Areas of expertise include Cybersecurity.

MyTurn Career LLC

MyTurn Career LLC

Looking for a rewarding career in cybersecurity? Explore a wide range of cybersecurity jobs and opportunities in this rapidly evolving field.