We’ve all seen them and laughed at them. There’s “Grumpy Cat” or “Be Like Bill.” In some cases, these memes have racked up over a billion views. That’s almost 20 percent of the world’s population who have been “dancing like the fox” or “Rick-Rolling” someone. Internet memes have been parsed by sociologists and ethnographers who have been able to imbue much cultural data from them, but for the most part, memes have been viewed as harmless fun. U, mad bro?
Unfortunately, like with many fun things, a dark side has evolved. As if MSPs don’t have enough to worry about when it comes to protecting their clients, memes may be creeping onto the list. In late 2018, researchers discovered malicious code hidden in memes that were posted to Twitter. The malware discovered was a relatively “clunky,” low-level, trojan. Still, its emergence is troubling because memes are so widely shared and in this case the malware’s conduit was a legitimate, popular social sharing platform like Twitter. The meme threat isn’t surprising to Dr. Meng Guozhu, a researcher who has studied malware at Singapore’s Nanyang Technological University. In his view, memes can post a danger.
“The malicious code is able to direct the malware to operate accordingly via instructions,” Guozhu tells SmarterMSP. He says such malware can encrypt your local files and disclose credentials. However, a more sophisticated malware can wreak even more havoc.
“More advanced memes can write something to your storage or read something from your RAM by exploiting vulnerabilities in your meme viewers,” Guozhu explains.
How dangerous is meme malware?
At the moment, the threat posed by memes is minimal. In the earlier instance, the malicious code was found in a couple of Twitter accounts that have now been disabled. Disabling the compromised Twitter account was the only way researchers could be certain that the malware was deactivated. While the threat seems minimal, even the worst storms begin with just a few raindrops, so the meme issue is one worth watching.
Guozhu says that with new malware emerging on an almost daily basis, combined with undiscovered software vulnerabilities, there are no “perfect solutions.” Still, MSPs do have some measures at their disposal.
“For example, MSPs can build a real-time risk control system, monitor suspicious accounts, abnormal behaviors of your devices, or even analyze the possibly malicious memes mechanically,” Guozhu says.
Part of the reason meme threats exist is because of the irresistible urge to share it with others. MSPs need to get out in front of this trend by increasing awareness among client staff to the potential dangers of memes.
However, there is also the human element to consider. Who can resist that Grumpy Cat meme? Part of the reason meme threats exist is because of the irresistible urge to share it with others. MSPs need to get out in front of this trend by increasing awareness among client staff to the potential dangers of memes.
People should be cautious when they are surfing on the Internet, especially browsing an unfamiliar website or opening any attachments from a totally unknown source, according to Guozhu.
Where will meme malware appear next?
Of course, the whole meme mess raises the question: Are there more social sharing platforms that we might need to cast a wary eye towards?
Unfortunately, yes. Guozhu explained that users’ devices are running varying software, and browsers have many core modules to parse miscellaneous content from the Web. You can imagine that memes, along with PDF files, audio files, and videos, can be used for a malicious purpose and harm your electronic devices.
Danny Hendler, a professor in the Department of Computer Science at Ben-Gurion University in Israel, tells SmarterMSP that the malicious memes pose one key threat.
“If the machine downloading the meme is not yet infected, but there is a vulnerability in the image viewer, then the meme may be crafted so it can exploit the vulnerability and compromise the machine,” explains Hendler. Perhaps more ominously is what a meme can do if the computer is already infected.
“If the downloading machine is already compromised, then the object can be used as a covert channel for communicating commands to the malware bot already present on the machine,” Hendler says. That’s not very comforting. Because not enough is known about the meme threat currently, there may be malware already hiding in computers just waiting for Grumpy Cat or Yoda memes to issue a command.
Hendler advises, “Avoid downloading any files from suspicious sources and ensure that all the software (OS, drivers, applications) are updated with security patches in a timely manner.” Also, a dash of divinity can’t hurt either. “After doing all this, it doesn’t hurt to say a little prayer as well,” Hendler adding jokingly.
Photo: George McLittle / Shutterstock