For two years, criminals stole sensitive information using malware hidden in individual pixels of ad banners

For two years, criminals stole sensitive information using malware hidden in individual pixels of ad banners

by Cory Doctorow, bOiNGbOiNG

Eset’s report on Stegano, a newly discovered exploit kit, reveals an insanely clever, paranoid, and devastatingly effective technique used by criminals to infect their victims’ computers by hiding malicious code in plain sight on websites that accepted their innocuous-seeming banner ads.

The criminals were able to send banner ads and JavaScript to their targets’ computers by pushing both into ad networks. These networks aggressively scan advertisers’ JavaScript for suspicious code, so the criminals needed to sneak their bad code past these checks.

To do this, they made tiny alterations to the transparency values of the individual pixels of the accompanying banner ads, which were in the PNG format, which allows for pixel-level gradations in transparency. The JavaScript sent by the attackers would run through the pixels in the banners, looking for ones with the telltale alterations, then it would turn that tweaked transparency value into a character. By stringing all these characters together, the JavaScript would assemble a new program, which it would then execute on the target’s computer.

Read the full article here…

How did you like this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.

SHARE THIS PAGE OR POST

Leave a Reply