How cyber criminals hide malware in .WAV files
Hackers have developed tricks for getting their malware payloads onto people's systems. A Trojan is a program that looks like it is doing something beneficial, but actually carries something malicious.
Hackers must now be much sneakier when attacking. Sometimes they hide malware in another, seemingly innocuous file. This technique is known as 'steganography', and the first documented cases of malware hidden in WAV files were reported recently.
What is steganography?
Steganography is the overarching term for hiding one piece of data inside another. It is not a recently coined malware term; the practice dates back to about 440 BC!
Steganography is a little different from encryption. With encryption, the message is obfuscated, and the recipient must undo that obfuscation before being able to read it. With steganography, the data is not necessarily encrypted; it is hidden inside another piece of data.
Malware developers have used this ancient technique to sneak files past a computer's security layers. Antivirus software tends to be lax with file types that are not associated with viruses, so malware developers hide their malware inside these files.
Normally, the file itself is not used to infect the system, because it is difficult to run a program hidden in a file without assistance. Instead, the technique is usually used by viruses that have already infected a computer. The virus can download these seemingly harmless files to get instructions or executables without triggering antivirus warnings.
Viruses hidden in images have been seen before, but the first use of the popular WAV file format as a delivery method was documented only recently.
How does WAV Steganography work?
This new method of attack has been reported twice this year. In June, there was a report on how a Russian gang called Waterbug used WAV-based steganography to attack government officials. Then another report came out earlier this month saying the strategy had been used again. This time, the files were not aimed at officials but were used by malware that mines a cryptocurrency called Monero.
In these attacks, the malware downloads executable files, DLL files and backdoors hidden inside WAV files. Once a file is downloaded, the malware digs through its data to find the hidden file. When it finds the file, the malware executes the code.
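A defender-side check for the behaviour described above, added here as an example (it is not code from the original article or from the reports it mentions): it parses the RIFF/WAVE container and flags a Windows executable header stored inside a chunk or appended after the declared end of the file. The article does not say how the payloads were embedded, so the unencoded-PE assumption, the function names and the constructed `FAKE_PE` marker are illustrative; an encoded payload would not be caught by this check.

```python
import struct

# Constructed marker: an MZ header whose e_lfanew (offset 0x3C) points at "PE\0\0".
# It is not a working executable, only enough bytes to exercise the check.
FAKE_PE = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40) + b"PE\0\0"

def build_wav(samples: bytes, trailer: bytes = b"") -> bytes:
    """Constructed sample: minimal 8-bit mono PCM WAV, optional bytes after the RIFF body."""
    fmt = struct.pack("<HHIIHH", 1, 1, 8000, 8000, 1, 8)
    body = b"WAVE" + b"fmt " + struct.pack("<I", len(fmt)) + fmt
    body += b"data" + struct.pack("<I", len(samples)) + samples
    return b"RIFF" + struct.pack("<I", len(body)) + body + trailer

def find_pe(buf: bytes) -> int:
    """Offset of a plausible PE image (MZ whose e_lfanew leads to 'PE\\0\\0'), or -1."""
    pos = buf.find(b"MZ")
    while pos != -1:
        if pos + 0x40 <= len(buf):
            e_lfanew = struct.unpack_from("<I", buf, pos + 0x3C)[0]
            if buf[pos + e_lfanew: pos + e_lfanew + 4] == b"PE\0\0":
                return pos
        pos = buf.find(b"MZ", pos + 1)
    return -1

def inspect_wav(blob: bytes) -> list:
    """Return a list of findings for one file; an empty list means nothing was flagged."""
    if len(blob) < 12 or blob[:4] != b"RIFF" or blob[8:12] != b"WAVE":
        return ["not a RIFF/WAVE file"]
    findings = []
    riff_end = 8 + struct.unpack_from("<I", blob, 4)[0]
    if len(blob) > riff_end:
        findings.append(f"{len(blob) - riff_end} bytes after declared RIFF end")
    off = 12
    while off + 8 <= min(riff_end, len(blob)):
        cid, size = struct.unpack_from("<4sI", blob, off)
        if find_pe(blob[off + 8: off + 8 + size]) != -1:
            findings.append(f"PE header inside chunk {cid!r}")
        off += 8 + size + (size & 1)  # RIFF chunks are padded to an even length
    if find_pe(blob[riff_end:]) != -1:
        findings.append("PE header in trailing data")
    return findings

if __name__ == "__main__":
    silence = b"\x80" * 100
    for name, blob in [("clean", build_wav(silence)),
                       ("in data chunk", build_wav(silence[:50] + FAKE_PE + silence[50:])),
                       ("appended", build_wav(silence, trailer=FAKE_PE))]:
        print(name, "->", inspect_wav(blob) or "nothing flagged")
```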
How to prevent WAV Steganography attacks?
Before you begin to suspect your album collection, remember that WAV steganography is used by malware that is already present. It is not used as an initial infection method but as a way for existing malware to establish itself further on a system. As such, the best way to avoid these sneaky attacks is to prevent the initial penetration.
This means following the golden rules of network security: install good antivirus software, don't download suspicious files, and keep everything up to date. This is enough to keep out cryptomining malware (cryptomining is the process of using available system resources to find virtual currency) and any suspicious audio files it would download to the computer!
Steganography is nothing new, even in the cybersecurity world. However, the use of WAV files to sneak DLLs and backdoors onto a system for malware is worth noting. Now you know what steganography is and how a virus uses it to sneak files past an antivirus program.
Does this new method in malware make you nervous? Let everyone know in the comments below!