Stegosploit Hidden Image Code is the Future of Online Attacks

Security researcher Saumil Shah of Net Square security has presented his Stegosploit project at the Hack In The Box conference in Amsterdam. The project allows an attacker to embed executable JavaScript code within an image to trigger a drive-by download.

The Stegosploit digital steganography project could open scary new scenarios for Internet users, who could be infected by viewing a picture on any website, even without clicking on it or downloading it. The image could serve as the container for priming the malware. Shah has no doubts: Stegosploit could be the future of online attacks.

When an Internet user views the image, the hidden script automatically loads malicious code onto the host. That code could be used for various purposes, including taking control of the victim's device and stealing sensitive data.

The expert highlighted that antivirus software and malware detection solutions are not able to detect Stegosploit, leaving users open to any kind of attack.

Steganography was previously exploited by malware authors to hide information used by their malicious code (such as C&C addresses or botnet parameters), but as Shah explained, the “Stegosploit” tool takes the steganographic approach to a new level where exploits are delivered not only in plain sight, but also “with style.”

Shah developed the Stegosploit technique to hide executable code within an image and execute that code in a web browser supporting HTML5 Canvas. The expert uses HTML5 Canvas to read image pixel data with JavaScript and decode the image within the browser.

Shah demonstrated Stegosploit for the first time in March at SyScan. Initially the technique required two distinct images, one containing the executable code and the other the code to decode it. Further research on Stegosploit improved it: Shah succeeded in embedding both the executable code and the decoder within the same image (PNG and JPEG).
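
As an added example (not code from the original article or from Shah's project), here is a defender-side check for the single-file case described above: it flags PNG or JPEG files that also contain browser-parsable markup or bytes after the end-of-image marker. It assumes an embedded decoder is present as HTML/script text in the file's bytes; `scanImage`, `pngEnd`, `jpegEnd` and the sample buffers are names made up for this example.

```javascript
// Added example, not Stegosploit project code: flag PNG/JPEG files that also
// carry browser-parsable markup or data after the end-of-image marker.
// Assumption: an embedded decoder shows up as HTML/script text in the bytes.
const PNG_SIG = Buffer.from([0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a]);
const MARKUP = [/<script[\s>]/i, /<html[\s>]/i, /<canvas[\s>]/i, /getImageData\s*\(/];

// Offset just past the PNG IEND chunk (records are length, type, data, CRC).
function pngEnd(buf) {
  for (let off = 8; off + 12 <= buf.length; ) {
    const type = buf.toString('latin1', off + 4, off + 8);
    off += 12 + buf.readUInt32BE(off);
    if (type === 'IEND') return Math.min(off, buf.length);
  }
  return buf.length; // truncated or no IEND: report no trailing data
}

// Offset just past the JPEG EOI: skip header segments up to SOS, then take the
// first FF D9 in the scan data (literal FF bytes there are stuffed as FF 00).
function jpegEnd(buf) {
  let off = 2;
  while (off + 4 <= buf.length && buf[off] === 0xff) {
    const marker = buf[off + 1];
    off += 2 + buf.readUInt16BE(off + 2);
    if (marker === 0xda) break; // SOS: entropy-coded data follows
  }
  const eoi = buf.indexOf(Buffer.from([0xff, 0xd9]), off);
  return eoi < 0 ? buf.length : eoi + 2;
}

function scanImage(buf) {
  let type = null;
  if (buf.length >= 8 && buf.subarray(0, 8).equals(PNG_SIG)) type = 'png';
  else if (buf.length >= 3 && buf[0] === 0xff && buf[1] === 0xd8) type = 'jpeg';
  if (!type) return { type, markup: [], trailing: 0, suspicious: false };
  const text = buf.toString('latin1'); // one char per byte, so regexes see raw bytes
  const markup = MARKUP.filter((re) => re.test(text)).map((re) => re.source);
  const trailing = buf.length - (type === 'png' ? pngEnd(buf) : jpegEnd(buf));
  return { type, markup, trailing, suspicious: markup.length > 0 || trailing > 0 };
}

// Constructed samples (CRC fields zeroed; this scanner does not validate them).
const chunk = (type, data) => Buffer.concat(
  [Buffer.from([0, 0, 0, data.length]), Buffer.from(type, 'latin1'), data, Buffer.alloc(4)]);
const head = [PNG_SIG, chunk('IHDR', Buffer.alloc(13))];
const cleanPng = Buffer.concat([...head, chunk('IEND', Buffer.alloc(0))]);
const taggedPng = Buffer.concat([...head, chunk('tEXt', Buffer.from('Comment\0<script>')),
  chunk('IEND', Buffer.alloc(0)), Buffer.from('extra')]);
console.log(scanImage(cleanPng), scanImage(taggedPng));
```

A hit is a reason to reject or re-encode an uploaded image, not proof of an exploit. Data encoded purely in pixel values passes this check unchanged.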

Security firms are not aware of any cases of the Stegosploit technique being used in the wild, but they fear that it will soon become a frightening reality.
Security Affairs:  http://bit.ly/1KeTvkB
