Malware Hidden in Windows Logo Being Used to Target Middle Eastern Governments
In cybersecurity, some ongoing espionage attacks have focused on separating certain Middle Eastern governments with their sensitive information. These attacks use a steganographic trick that hides a prior undocumented backdoor placed within the Windows logo, leaving the victims entirely in the dark.
This brand-new type of malware harnesses the power of steganography, which is essentially a process used to embed secret messages in a known document. Once the procedure is complete, the cyber-criminals can focus on discreetly extracting malicious code from a bitmap image of an old Microsoft Windows logo hosted on a GitHub repository.
Cybersecurity experts state that "disguising the payload in this fashion allowed the attackers to host it on a free, trusted service. Downloads from trusted hosts such as GitHub are far less likely to raise red flags than downloads from an attacker-controlled command-and-control (C&C) server."
Researchers also stress that "exploitation of vulnerabilities on public-facing servers provides it with a route into organizations, while custom tools paired with adept use of living-off-the-land tactics allow it to maintain a long-term, persistent presence in targeted organizations."
Hungry for more? Join me each week, where I'll break down complex topics and dissect the latest news within the cybersecurity industry and blockchain ecosystem, simplifying the tech world.