When a PC is allergic to cats
Tuesday, December 5, 2017
When we talked about criminals using images to transfer information or hide malicious code, we didn't show our readers an actual example of one of those images. So let's set things right:
Take a look at the image below
Do you notice anything strange about it?
I don't. This image was uploaded to the site in the jpeg format (the Anti-virus Times notes that we're talking about the site to which the rogue image was uploaded), but the original is a bmp file. If we view the original bmp image in a HEX editor, nothing unusual will jump out at us either.
However, the image incorporates obfuscated shell code at 0x00200A04. And yet we don't notice any out-of-place pixels in the image. This is because the BMP header was used to lower the image's height. The full size image would look like this: Pay special attention to the upper-right corner.
The original and malicious images differ in height by five pixels, but people usually don't notice that.
So that’s how it works.
Luckily, with Dr.Web you can safely enjoy cat images as much as you want.
#secureThe Anti-virus Times recommends
Some cats can be a health hazard, even for a PC. To prevent your computer from experiencing an allergic reaction to harmful "fur", use Dr.Web Security Space.
Tell us what you think
To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.
Comments
Неуёмный Обыватель
20:53:27 2018-07-25
vasvet
11:41:50 2018-07-15