Cybersecurity researchers have identified a unique attack where hackers are exploiting a hugely popular deep space image taken from NASA<\/a>'s James Webb telescope<\/a> to infiltrate computers with malware. 网络安全研究人员已经确定了一个独特的攻击,黑客利用广受欢迎来自深空图像美国国家航空航天局的詹姆斯·韦伯太空望远镜渗透到电脑的恶意软件。
A newly-discovered hacking campaign is exploiting an image from the James Webb<\/a> Telescope to infect targets with malware.
In July, James Webb<\/a> produced the deepest and sharpest infrared image of the distant universe to date, known as the 'First Deep Field'.
Now, the Securonix Threat<\/a> research team has identified a persistent Golang-based attack campaign, that incorporates an equally interesting strategy by leveraging the deep field image taken from the James Webb and obfuscated Golang (or Go) programming language payloads to infect the target system with the malware.
Golang-based malware is on the rise gaining popularity with APT hacking groups such as Mustang Panda<\/a>.
Go is an open-source programming language developed in 2007 by Robert Griesemer<\/a>, Rob Pike, and Ken Thompson<\/a> at Google<\/a>.
\"Initial infection begins with a phishing email containing a Microsoft Office attachment. The document includes an external reference hidden inside the document's metadata which downloads a malicious template file,\" said the researchers.
When the document is opened, the malicious template file is downloaded and saved on the system.
Finally, the script downloads a JPEG image that shows the James Webb Telescope<\/a> deep field image.
\"The image file is quite interesting. It executes as a standard jpg image as seen in the image below. However, things get interesting when inspected with a text editor,\" the researchers explained.
The generated file is a Windows 64-bit executable which is on the large size, at around 1.7 MB.
Securonix recommended the users to avoid downloading unknown email attachments from non-trusted sources, and prevent Microsoft Office products using the company's security recommendations.
<\/p><\/body>","next_sibling":[{"msid":94014958,"title":"Ireland fines Instagram a record $400 million over children's data","entity_type":"ARTICLE","link":"\/news\/ireland-fines-instagram-a-record-400-million-over-childrens-data\/94014958","category_name":null,"category_name_seo":"telecomnews"}],"related_content":[],"msid":94014987,"entity_type":"ARTICLE","title":"Hackers exploit deep space images taken from NASA's James Webb telescope to attack computers","synopsis":"Golang-based malware is on the rise gaining popularity with APT hacking groups such as Mustang Panda.","titleseo":"telecomnews\/hackers-exploit-deep-space-images-taken-from-nasas-james-webb-telescope-to-attack-computers","status":"ACTIVE","authors":[],"analytics":{"comments":0,"views":173,"shares":0,"engagementtimems":655000},"Alttitle":{"minfo":""},"artag":"IANS","artdate":"2022-09-06 07:33:42","lastupd":"2022-09-06 07:34:21","breadcrumbTags":["james webb","james webb telescope","nasa","securonix threat","robert griesemer","ken thompson","mustang panda","google","satcom","infrastructure"],"secinfo":{"seolocation":"telecomnews\/hackers-exploit-deep-space-images-taken-from-nasas-james-webb-telescope-to-attack-computers"}}" data-authors="[" "]" data-category-name="" data-category_id="" data-date="2022-09-06" data-index="article_1">
一个新发现黑客活动是利用图像的詹姆斯·韦伯望远镜与恶意软件感染的目标。
今年7月,詹姆斯·韦伯产生最深刻和最遥远宇宙的红外图像,称为“第一深空”。
现在,Securonix威胁研究小组发现了一个持久Golang-based袭击活动,包含一个同样有趣的策略利用深空图像从詹姆斯·韦伯和混淆Golang(或去)编程语言有效载荷与恶意软件感染目标系统。
去是一个开源的编程语言开发于2007年罗伯特GriesemerRob Pike,Ken Thompson在谷歌。
“初始感染始于网络钓鱼电子邮件包含一个微软办公附件。该文档包含一个外部引用隐藏在文档的元数据下载恶意模板文件,”研究人员说。
当文档被打开时,恶意模板文件系统上下载并保存。
最后,脚本下载JPEG图像显示詹姆斯·韦伯太空望远镜深空图像。
“图像文件是很有趣的。它执行一个标准的jpg图片见下图。然而,事情变得有趣的在检查一个文本编辑器时,”研究人员解释道。
生成的文件是一个Windows 64位可执行在大尺寸,大约1.7 MB。
Securonix推荐用户避免下载从非可信来源不明的电子邮件附件,并防止微软Office产品使用公司的安全建议。
读到
Cybersecurity researchers have identified a unique attack where hackers are exploiting a hugely popular deep space image taken from NASA<\/a>'s James Webb telescope<\/a> to infiltrate computers with malware.
A newly-discovered hacking campaign is exploiting an image from the James Webb<\/a> Telescope to infect targets with malware.
In July, James Webb<\/a> produced the deepest and sharpest infrared image of the distant universe to date, known as the 'First Deep Field'.
Now, the Securonix Threat<\/a> research team has identified a persistent Golang-based attack campaign, that incorporates an equally interesting strategy by leveraging the deep field image taken from the James Webb and obfuscated Golang (or Go) programming language payloads to infect the target system with the malware.
Golang-based malware is on the rise gaining popularity with APT hacking groups such as Mustang Panda<\/a>.
Go is an open-source programming language developed in 2007 by Robert Griesemer<\/a>, Rob Pike, and Ken Thompson<\/a> at Google<\/a>.
\"Initial infection begins with a phishing email containing a Microsoft Office attachment. The document includes an external reference hidden inside the document's metadata which downloads a malicious template file,\" said the researchers.
When the document is opened, the malicious template file is downloaded and saved on the system.
Finally, the script downloads a JPEG image that shows the James Webb Telescope<\/a> deep field image.
\"The image file is quite interesting. It executes as a standard jpg image as seen in the image below. However, things get interesting when inspected with a text editor,\" the researchers explained.
The generated file is a Windows 64-bit executable which is on the large size, at around 1.7 MB.
Securonix recommended the users to avoid downloading unknown email attachments from non-trusted sources, and prevent Microsoft Office products using the company's security recommendations.
<\/p><\/body>","next_sibling":[{"msid":94014958,"title":"Ireland fines Instagram a record $400 million over children's data","entity_type":"ARTICLE","link":"\/news\/ireland-fines-instagram-a-record-400-million-over-childrens-data\/94014958","category_name":null,"category_name_seo":"telecomnews"}],"related_content":[],"msid":94014987,"entity_type":"ARTICLE","title":"Hackers exploit deep space images taken from NASA's James Webb telescope to attack computers","synopsis":"Golang-based malware is on the rise gaining popularity with APT hacking groups such as Mustang Panda.","titleseo":"telecomnews\/hackers-exploit-deep-space-images-taken-from-nasas-james-webb-telescope-to-attack-computers","status":"ACTIVE","authors":[],"analytics":{"comments":0,"views":173,"shares":0,"engagementtimems":655000},"Alttitle":{"minfo":""},"artag":"IANS","artdate":"2022-09-06 07:33:42","lastupd":"2022-09-06 07:34:21","breadcrumbTags":["james webb","james webb telescope","nasa","securonix threat","robert griesemer","ken thompson","mustang panda","google","satcom","infrastructure"],"secinfo":{"seolocation":"telecomnews\/hackers-exploit-deep-space-images-taken-from-nasas-james-webb-telescope-to-attack-computers"}}" data-news_link="//www.iser-br.com/news/hackers-exploit-deep-space-images-taken-from-nasas-james-webb-telescope-to-attack-computers/94014987">
评论
现在评论 阅读评论(1)所有评论
找到这个评论进攻?
下面选择你的理由并单击submit按钮。这将提醒我们的版主采取行动