Capitalizing on the frenzy of NASA’s stunning footage, malicious hackers have launched a phishing campaign by including malware in an image captured by the James Webb Telescope.
Every time NASA (US National Aeronautics and Space Administration) Unveils new images taken with the James Telescope web – Giant space monitoring instrument located more than 1.5 million km from Earth – The Internet is boiling. Everyone rushes into this amazing and highly detailed snapshot that makes us discover unprecedented events in space, by capturing information invisible to the naked eye, far into the galaxy and in time. Internet users seek to download it as desktop or mobile wallpaper (see our statement of facts). But this madness did not escape the hackers who decided to use these images to thwart our monitoring and infect devices …
James Webb pictures : malware hidden in files JPG
Cyber security experts from Securonics Conducted an investigation and uncovered a campaign phishing Which aims to install malicious software in the computer capable of monitoring and spying on the victim’s activity remotely. The company detailed the method of infection in a report from Monday August 30. the name of the thing Go #WebfuscatorThis scam starts with a very normal phishing email, which encourages the victim to open a file attached documents To discover an image taken by the James Telescope web. This one shows the cluster of galaxies SMACS 0723, recipe NASA as such “The deepest and most accurate infrared image of the distant universe yet”. It’s actually a Word file called Geographical prices.docxWhich contains code written in a programming language julang. This is very popular with pirate car It is difficult to detect and works on almost all programming systems.
Once the document is downloaded, the Visual Basic malware will be downloaded. if Macros – A computer programming tool that allows you to group a series of different commands into one shortcut – activated, the Word file will already display the famous image, but it also runs the program (msdlupdate.exe). This is designed to receive requests and communicate with the hacker’s encrypted server. Thus the hacker can spy and recover data from the device – Operating system type, version nucleusinstalled applications – As well as controlling it. Of course, everything is done with camouflage that makes operations undetectable. Here’s why we won’t remember it enough: Never open it attachments And never click on links in an email or SMS from a stranger!