Microsoft Malware Protection Center (MMPC) has positively identified the malicious script is inserted into the image file. Malware currently circulating on 4chan forum, looks like the next step in the evolution of known threats appeared 4chan.js 2008 is the first time.
Not surprisingly, the latest iteration depends on the users trust 4chan.js image formats and lack of familiarity with the use of HTA format. "Infection with the images stored in. PNG store data in a compressed format that is very dangerous," says researcher Michael Johnson MMPC, cited by TG Daily
"Users can follow the instructions inside. PNG track and save the file as a bitmap (.BMP) with HTA extension. Decompress the file is doing with the image, some JavaScript, and one or more files can run, "he said again
According to Johnson, already mentioned, the process allows the malware to the same packages, defeating the CAPTCHA mechanism, "hired" by 4chan.
"This way we can see, the bitmap was conducted with a random variable is created each time. Of course, tend to believe that most users, the image format. They do not realize that the same image file can be malicious scripts that are embedded contain "Johnson said.
For this MMPC suggest that users do not click the link that will see track random images, especially if the lesson is to change the file and then run it anyway.
0 comments:
Post a Comment