A new Twitter scam uses memes to spread malicious programs. The threat, detected by the cybersecurity company Trend Micro, was developed based on the steganography tactic, which hides one file inside another. Thus, cybercriminals inserted a malware code in meme images posted on the social network. When a user posts or opens these photos, their computer is automatically infected with malicious software.
READ: 'Secret' on Twitter denounces fake news; know how to use
Trend Micro researchers said the new malware has been circulating on Twitter since October. Although malware allows hackers to access victims' computers, no sensitive data, such as passwords, has so far been stolen. Therefore, the security team believes that this was a "testing phase" of the virus, in preparation for more dangerous attacks in the future.
Trend Micro discovers viruses that hide in memes posted on Twitter Photo: Reproduo / Trend Micro
Want to buy cell phones, TV and other discounted products? Meet Compare TechTudo
How New Malware Works
Malicious memes hide codes that allow hackers to perform specific activities on the computer, bypassing security systems. One of the possible actions, for example, would be to take screenshots of the user's screen and send them to an unknown server.
Scammers also inserted commands in memes that can give access to computer addresses, such as / processes, which shows the list of running programs, / clip, which displays the PC clipboard, and / doc, which informs the title of all folders saved on the machine.
Malware installed on the PC from memes with specific commands Photo: Creative Commons / Flickr / elhombredenegro
Therefore, at first, the intent of the malware found in memes lists for cybercriminals all the processes that are going on on the victim's computer, in addition to finding the user name of the infected machine. It is not known who is behind the scam or how many accounts have been affected, but Twitter has already banned the account that published the first of one of the infected memes, in addition to deleting the post sharing publications.
It is not the first time that the microblogging has experienced attacks or security problems. For example, in 2016, CEO and co-founder of social network Jack Dorsey had his account hacked. In 2015, another hacker used steganography on Twitter to infect computers from images and codes published on GitHub.
Via TrendMicro and TechCrunch
Router scam: how to avoid? Ask questions in the TechTudo forum.
What ransomware: five tips to protect yourself