Best News Network

Hackers exploit NASA’s famous deep space image to attack computers | Digit

New Delhi, Sep 3 (IANS) Cyber-security researchers have identified a unique attack where hackers are exploiting a hugely popular deep space image taken from NASA’s James Webb telescope to infiltrate computers with malware.

A newly-discovered hacking campaign is exploiting an image from the James Webb Telescope to infect targets with malware.

In July, James Webb produced the deepest and sharpest infrared image of the distant universe to date, known as the ‘First Deep Field’.

Now, Securonix Threat research team has identified a persistent Golang-based attack campaign, that incorporates an equally interesting strategy by leveraging the deep field image taken from the James Webb and obfuscated Golang (or Go) programming language payloads to infect the target system with the malware.

Golang-based malware is on the rise gaining popularity with APT hacking groups such as Mustang Panda.

Go is an open-source programming language developed in 2007 by Robert Griesemer, Rob Pike, and Ken Thompson at Google.

“Initial infection begins with a phishing email containing a Microsoft Office attachment. The document includes an external reference hidden inside the document’s metadata which downloads a malicious template file,” said the researchers.

When the document is opened, the malicious template file is downloaded and saved on the system.

Finally, the script downloads a JPEG image that shows the James Webb Telescope deep field image.

“The image file is quite interesting. It executes as a standard jpg image as seen in the image below. However, things get interesting when inspected with a text editor,” the researchers explained.

The generated file is a Windows 64-bit executable which is around 1.7 MB.

Securonix recommended that users avoid downloading unknown email attachments from non-trusted sources, and prevent Microsoft Office products from using the company’s security recommendations.

(Except for the headline, the rest of this IANS article is un-edited)

For more technology news, product reviews, sci-tech features and updates, keep reading Digit.in

Stay connected with us on social media platform for instant update click here to join our  Twitter, & Facebook

We are now on Telegram. Click here to join our channel (@TechiUpdate) and stay updated with the latest Technology headlines.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! NewsAzi is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.