HACKERS are hiding a nasty surprise in images captured by Nasa’s James Webb Space Telescope.
The snaps, which have caught the imaginations of people across the globe this year, are being used to disguise and distribute malware.
1
The hacking campaign was identified by cybersecurity firm Securonix, which detailed its find in a recent blog post.
Researchers discovered malware dressed up as an innocent image file being distributed over email.
That rigged file included what looked like a photograph of a region of space called SMACS 0723 captured by the JWST earlier this year.
According to Securonix, the file contained hidden computer code which can be viewed when the image is inspected with a text editor.
That code helps attackers to execute a malware program that can bypass antivirus detection.
Hiding it in the image is a common tactic among cyber crooks hoping to avoid being caught out by antivirus programmes.
It makes the file more likely to end up in your inbox instead of your spam folder.
Once on your PC, the virus can allow criminals to spy on or remotely take over the infected system.
Most read in Tech
It highlights the importance of thinking twice before clicking on a link sent from an unknown email address or phone number.
If you’re unsure who’s sent you something, it’s best to take a moment to make sure it’s safe.
You can do that using link-checking services such as Norton Safe Web.
If you believe you’ve been sent a malicious link or file, report the sender and delete the message immediately.
You should also always make sure that your smartphone and apps are up to date with the latest software.
It follows a warning issued by cyber buffs about a TikTok vulnerability that could have allowed hackers to hijack people’s accounts.
In a blog post yesterday, researchers at Microsoft revealed a bug in the Android version of the app, which has 1.5billion downloads.
Fortunately, the “high-severity” glitch labelled CVE-2022-28799 is now fixed.
There is no evidence that attackers used it to break into accounts.
Were hackers to have exploited the software defect, they could have accessed accounts with a single tap.
A malicious link could have been distributed via email or other online messaging services.
If the recipient were to tap the link, their account would have immediately been compromised.
From there, crooks could have publicised private videos, sent messages, and uploaded videos on victims’ behalf.
The bug was reported to TikTok and has now been fixed.
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]
This post first appeared on Thesun.co.uk
