Stegosploit Hidden Image Code is the Future of Online Attacks

Uploaded on 2015-06-09 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Stegosploit-slide.jpg

The security researcher Saumil Shah from Net Square security has presented at Hack In The Box conference in Amsterdam his Stegosploit project which allows an attacker to embed executable JavaScript code within an image to trigger a drive-by download.

The Stegosploit digital steganography project could open new scary scenarios for Internet users that could be infected by viewing a picture on any website, even without clicking on it or downloading it. The image could be the container for the priming of the malware. Shah has no doubts, Stegosploit could be the future of online attacks.

When an Internet user views the image, the hidden script would automatically load on the host the malicious code that could be used for various purposes, including control victim’s device and steal sensitive data.

The expert highlighted that antivirus software and malware detection solutions are not able to detect the Stegosploit leaving users open to any kind of attack.

Steganography was previouslyy exploitedby malware authors to hide information used by their malicious codes (i.e. C&C addresses or botnet parameters), but as Shah explained “Stegosploit” tool Shah takes the stenographic approach to a new level where exploits are delivered not only in plain sight, but also “with style.”
Shah has worked on Stegosploit technique to hide executable code within an image and execute the same code in a web browser supporting HTML 5 Canvas. The expert exploits HTML5 CANVAS to read image pixel data using Java Script and decode the image within the browser.

Shah demonstrated Stegosploit for the first time in March at the SyScan, initially the hacking technique required using two distinct images respectively to contain the executable code and code to decode it. Further efforts in the research on Stegosploit allowed its improvement, Shah succeeded to embed both the executable code and the decoder within the same image (PNG and JPEG).

Security firms are not aware of cases of this Stegosploit technique being used in the wild, but they fear that it will become soon a scaring reality.
Security Affairs:  http://bit.ly/1KeTvkB

« How to Stalk Someone’s Location on Facebook
US Stuxnet Attack Against N. Korea Failed »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Malwarebytes

Malwarebytes

Malwarebytes provides artificial intelligence-powered technology that stops cyberattacks before they can compromise computers and endpoints.

RSA Security

RSA Security

RSA provide cybersecurity products for Threat Detection and Response, Identity and Access Management, Governance, Risk and Compliance, and Fraud Prevention.

European Cyber Security Organisation (ECSO)

European Cyber Security Organisation (ECSO)

The main objective of ECSO is to support all types of initiatives or projects that aim to develop, promote and encourage European cybersecurity.

Cyber8Lab

Cyber8Lab

Cyber8Lab provides cybersecurity training programmes simulating real world cybersecurity incidents such as web defacement, malware, phishing, digital forensics analysis and wireless intrusion.

ODSC

ODSC

ODSC is a security systems integrator that provides services and expertise in identity management and access.

TypingDNA

TypingDNA

TypingDNA uses AI to recognise people by the way they type on desktop keyboards and mobile devices.

CONCORDIA

CONCORDIA

Concordia is a Cybersecurity Competence Network with leading research, technology, and competences to build the European Secure, Resilient and Trusted Ecosystem.

Control System Cyber Security Association International (CS2AI)

Control System Cyber Security Association International (CS2AI)

CS2AI is the premier global not for profit workforce development organization supporting professionals of all levels charged with securing control systems.

Smoothstack

Smoothstack

Smoothstack is a technology talent incubator whose immersive training program kick starts IT careers and delivers a fresh source of IT talent.

CybersCool Defcon

CybersCool Defcon

CybersCool is committed to educate and train, re-skill and up-skill the current workforce of various industries and businesses in the knowledge and know-how of cybersecurity.

Third Point Ventures

Third Point Ventures

Third Point brings deep technical expertise, a strong network of relationships, and decades of investing experience to add value to our partners throughout their journey from idea to IPO and beyond.

Elba

Elba

Employee security needs to be reinvented. SaaS security needs to involve end-user and awareness needs to be actionable. Meet elba, the 5-in-one cybersecurity hub with no compromises.

LOCH Technologies

LOCH Technologies

LOCH Wireless Machine Vision platform delivers next generation cybersecurity, performance monitoring, and cost management for all 5G and for broad-spectrum IoT, IoMT and OT wireless environments.

American Binary

American Binary

American Binary is a Quantum Safe Networking (TM) and post-quantum encryption company.

Digital Encode

Digital Encode

Digital Encode is a leading consulting and integration firm that specializes in the design, management, and security of business-critical networks, telecommunications, and IT infrastructures.

NAM-CSIRT

NAM-CSIRT

NAM-CSIRT is a team established to contribute to the security and stability of critical infrastructure and critical information infrastructure of the Republic of Namibia.