Stegano – Malware that all Internet Explorer users should be aware of
Written by Sia / Courtesy of Hongkiat
Researchers have found malware called Stegano that has targeted millions of unaware users of Internet Explorer through popular websites. The scariest part about this malware is that it went undetected for two years.
When the infected ad shows up, Stegano scans, extracts and then runs code that exploits a known Internet Explorer vulnerability. Once it confirms that the environment it is running in is indeed vulnerable, Stegano loads a one-pixel iframe offscreen that redirects the user to its landing page.
The landing page would then load a file that is capable of exploiting three different Flash vulnerabilities.
The moment Stegano knows your machine is vulnerable, it will display a special GIF file that contains cached data. This malware-ridden image can be identified when you zoom into it, as it contains a QR-like code that isn’t particularly noticeable to the naked eye.
Finally, it performs one last security check that scans for any security software. If the scan fails to detect anything that could expose it, the malware downloads and launches the payload, leaving the infected machines with a backdoor, keylogger, screenshot maker and a video maker.
As Stegano relies on Internet Explorer and Flash to work, the simplest precaution is to avoid both. Researchers have also mentioned that the malware can be avoided by having fully patched software, that is, “a reliable, updated internet security solution”.
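A defender-side check for the one-pixel offscreen iframe step described above, as an added example that is not from the original article or the researchers: it scans captured page or ad markup for iframes that are both pixel-sized and pushed offscreen. The size and offset thresholds, the function names and the sample markup are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser

# Assumed thresholds (not from the article): frames up to 2x2 px count as
# pixel-sized; a left/top offset of -100 px or less counts as offscreen.
MAX_DIM, OFFSCREEN_PX = 2, -100

def _px(value):
    """Parse '1', '1px' or '-9999px' into an int; None if not a pixel length."""
    m = re.fullmatch(r"\s*(-?\d+)(?:px)?\s*", value or "")
    return int(m.group(1)) if m else None

def _style(attrs):
    """Turn the inline style attribute into a {property: value} dict."""
    pairs = (d.split(":", 1) for d in (attrs.get("style") or "").split(";") if ":" in d)
    return {k.strip().lower(): v.strip().lower() for k, v in pairs}

class TinyIframeFinder(HTMLParser):
    """Collects iframes that are both pixel-sized and positioned offscreen."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = dict(attrs)
        css = _style(a)
        # Inline CSS wins over the legacy width/height attributes.
        w = _px(css.get("width") or a.get("width"))
        h = _px(css.get("height") or a.get("height"))
        tiny = w is not None and h is not None and w <= MAX_DIM and h <= MAX_DIM
        off = any((_px(css.get(p)) or 0) <= OFFSCREEN_PX for p in ("left", "top"))
        if tiny and off:
            self.findings.append({"src": a.get("src"), "width": w, "height": h})

def find_tiny_offscreen_iframes(html):
    finder = TinyIframeFinder()
    finder.feed(html)
    return finder.findings

# Constructed sample markup; the .invalid hosts are placeholders.
SAMPLE = """
<iframe src="https://video.example.invalid/player" width="560" height="315"></iframe>
<iframe src="https://landing.example.invalid/" width="1" height="1"
        style="position:absolute; left:-9999px; top:0"></iframe>
<iframe src="https://tracker.example.invalid/px" style="width:1px;height:1px"></iframe>
"""

if __name__ == "__main__":
    for hit in find_tiny_offscreen_iframes(SAMPLE):
        print("suspicious iframe:", hit)
```

The check only sees static markup with inline styles; frames created by script or positioned through a stylesheet need a rendered-DOM inspection instead.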
Read the original article over at Hongkiat.com.