Share This:

What is the Issue:

Security researchers have discovered a new attack technique utilizing downloadable images from GoogleUserContent sites such as Google+ and blogger forums. Downloaded images can execute scripts that establish backdoors that have long term access to a system and allow data loss.

Why is this noteworthy:

The malware is hidden from detection on legitimate images that can be downloaded and used in Office products. This type of malware infection is not only limited to images found on Google products but on any site with downloadable images. This technique has been used before on with sites like Pastebin and Github.

What is the exposure or risk:

This type of attack can be found virtually everywhere on the internet but is generally random and harder to spot. Hijacked machines can become affected by malware and system data can become compromised.

What are the recommendations:

SKOUT recommends caution when downloading images online from sites. We recommend you enhance user awareness on images downloaded from commonly used sites. It is also recommended to not download images on social media sites where images on shared amongst many users. Be aware of continued variations of newer and improved versions that are likely to surface.

References:
  1. https://blog.sucuri.net/2018/07/hiding-malware-inside-images-on-googleusercontent.html
  2. https://threatpost.com/stealthy-malware-hidden-in-images-takes-to-googleusercontent/134183/
  3. https://fossbytes.com/googleusercontent-malware-hosting-in-images/

If you have any questions, please contact our Security Operations Center.


Share This:
Doris Au

Posted by Doris Au

Doris is a product marketing manager at Barracuda MSP. In this position, she is responsible for connecting managed service providers with multi-layered security and data protection products that can protect their customers from today’s advanced cyber threats.

Leave a reply

Your email address will not be published. Required fields are marked *