This photo is also currently being used by malicious people to infect systems with malware. Security analytics platform Securonix, identified a new malware campaign using the image, and the company called it GO#WEBBFUSCATOR says.
The attack started with a phishing email containing a Microsoft Office attachment. Hidden inside the document’s metadata is a URL that downloads a file containing a script that runs when certain Word macros are enabled. This too, Webb’s containing malicious code that looks like a certificate First Deep Field downloading a copy of his photo (above). The company said in its report on the campaign that not all anti-virus programs were able to detect malicious code in the image.
NASA-backed protection against cyber attacks
Securonix President assistant Augusto Barros told Popular Science that bad actors were James Webb He said there were several possible reasons why they chose to use his photo. First, NASA’s The fact that the high resolution images it publishes come in very large file sizes and can remove doubts on this subject. Also, even if an anti-malware program flags it down, reviewers might pass it off as it has been widely shared online over the past few months.
Another interesting point about the campaign is Google’s open source programming language for its malware. Golang to use. Securonix, Golang He says that malware-based malware is growing in popularity because they have flexible cross-platform support and are more difficult to analyze and reverse engineer than malware based on other programming languages. Phishing by email Like other malware campaigns that have started, the best way to avoid falling victim to this attack is to avoid downloading attachments from untrusted sources.