Hackers Tweet Photos with Hidden Code
A piece of malware which attacks Twitter has been discovered by a cybersecurity company.
FireEye said the tool had been developed by a Russian group and had been named Hammertoss.
The firm said it generates Twitter accounts which tweet a web address and hashtag giving the location and size of an image.
Hidden instructions within the photo then make it possible to take somebody's data from a machine.
There have been a few examples where the commands, encrypted using a technique called steganography, have instructed the malware to upload information from a victim's network to accounts on cloud storage services.
Security firm FireEye expect the hackers to be Russian because of the targets and the data which had been taken, as well as the hours during which it operates.
Advisor to the EU's law enforcement agency Europol, Alan Woodward, believes this particular type of hack has been seen before.
He said: "The malware itself is not attached to the images but it is quite possible for sets of instructions for malware that has arrived on machines by another route.
"The malware arrives in two parts, neither of which on their own would necessarily trigger an alert in the security systems. But when both parts combine on the target machine, they are activated and know what to look for and where to send it.
"If the whole code for a piece of malware were present it might be possible to identify where the command and control servers are.
"But if you could place that data somewhere other than the actual piece of malware it makes any analysis of who the hackers are that bit more difficult."
Return to internet news headlines
View Internet News Archive