JWB Posted November 13, 2022 Share Posted November 13, 2022 Both ESET and Avast have confirmed seeing a threat actor going by the name Worok using this method since early September 2022. Apparently, Worok has been busy targeting high-profile victims, such as government organizations, across the Middle East, Southeast Asia, and South Africa. More malware is being hidden in PNG images, so watch out (msn.com) Link to comment Share on other sites More sharing options...
Murph Posted November 13, 2022 Share Posted November 13, 2022 Good and timely warning. Link to comment Share on other sites More sharing options...
Ivanhoe Posted November 13, 2022 Share Posted November 13, 2022 Yeah, this is part of the rise of fileless malware. The bulk of the executable instructions are hidden in an image or other innocent-looking file, then a very small RAM-resident malware program copies the larger code from the guts of the file into RAM, and starts running it. Conventional anti-malware programs aren't going to catch this. Don't click on embedded links or attachments in emails, use uBlock or other browser protection, and fer crissakes don't do email or web surfing from an account that has admin privileges. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now