Researchers from Securonix, a company specializing in information security issues, spoke about
Computer infection starts with phishingan email containing an attachment in Microsoft Office format. The document's metadata contains an external link. When the document is opened, the malicious template file is downloaded and stored on the system, initiating the first stage of execution of the attack code.
After execution the script downloads the imageThe cluster SMACS 0723 is the first full-color image taken by the James Webb Telescope and presented by NASA in July of this year. Hackers embedded malicious Base64 code in the image code, disguised as an included certificate.
An image loaded by a virus. Photo credit: Securonix
The generated file isA 64-bit Windows executable that is about 1.7 megabytes in size and uses several obfuscation techniques to hide itself from antivirus software and make it difficult to analyze. According to the company, at the time of publication of the message, none of the known antiviruses could find this file.
The virus attack is probably built onthe popularity of the new space telescope and the desire of users to share a new image. Cybersecurity experts note that with the growth of remote work, people have become more reliant on digital interactions, which increases the level of trust in any content that comes over the Internet. This is actively used by attackers.
Read more:
The first images of the underground part of Mars surprised scientists
A galaxy located 12 billion light-years from Earth 'curled up' into an Einstein ring
From the body to the mouth: scientists have understood where the teeth came from