Watch out for malware in images in email attachments

In July, NASA revealed the first full-color images taken by the revolutionary James Webb Space Telescope. You may have seen the photo of the galaxy cluster known as Webb’s First Deep Field, which is the highest-resolution capture of the infrared universe ever.

NASA

But the history-making photo is now causing a cybersecurity stir as a new malware attack that’s using this photo has been identified. This could be just the beginning of hackers using images online to hack their way into our devices without us having a clue.

 

This risky new malware was first identified by the Securonix Threat research team. It’s one of the latest online attacks using “Golang,” or Go language, which is a fancy term for a simplified programming language Google created. This particular threat has been labeled as GO#WEBBFUSCATOR and while malware attacks using images aren’t super common yet, it’s better to be over-prepared.

 

In the case of infection Securonix studied, the malware came as a Microsoft Office attachment. The attached .docx file has a link hidden away within the document’s metadata (so you wouldn’t even notice it) which downloads a malicious file to your computer.

If you download the attachment, it would automatically open that link, and a file is saved to your system. The file, in this case, was a photo, that at first glance looks like the James Webb Space Telescope photo. But if you took a closer look at the code within the photo’s metadata, you’d see it contains malicious code that scarily enough, is able to get by some antivirus programs. The code revealed to Securonix that the goal of this malware being installed is for a hacker to execute arbitrary code on whatever device the image was downloaded to.

 

You don’t have to worry about images while scrolling apps like Instagram, Facebook, or other social media platforms. Any images uploaded to those sites or apps are compressed and won’t be posing a threat to your device.

The best way to avoid images is to not visit any websites you don’t know or open any emails that look suspicious – especially ones that contain an attachment.

 

While this particular type of malware wasn’t picked up by some antivirus programs, it wasn’t tested on every software and it’s better to protect yourself against potential threats in any capacity than not at all.

We recommend TotalAV – you can use real-time monitoring and it will check each email you open for malware. Save $100 today with our link.

While it is a little excessive to turn off pictures on Google Chrome completely if you’re worried about potential threats embedded in images, this is the safest way to block them.

  1. Open up Google Chrome
  2. Tap Chrome on the top left menu bar of your computer screen, and click Preferences
  3. Tap Privacy and Security
  4. Tap Site Settings
  5. Tap Images
  6. Click the circle next to “Don’t allow sites to show images”

You can also add certain websites to the list of sites “allowed to show images” in case you want to keep seeing pictures on websites that are safer to see pictures on (like Instagram or Facebook).

 

Microsoft has upped their security when it comes to macro-enabled template files for Word, PowerPoint, and excel, so you’ll have to confirm you trust certain template files before they’re able to open (which would have prevented the GO#WEBBFUSCATOR malware attack).

 

Related:

 

Related posts

Is your Social Security number at risk? Signs someone might be stealing it

Updated Android malware can hijack calls you make to your bank

Top 10 robocall hotspots in America