Hackers find a way around anti-virus and anti-malware programs using Twitter and GitHub.
Online security firm FireEye has detected an efficient malware program dubbed Hammertoss that uses Twitter and GitHub to gain access to users' computers via online photos (TechAeris report). By design, the malware creates spurious Twitter accounts that then tweet a certain URL and a hashtag giving the image's size and location. Code embedded in the image carries instructions aimed at the victim's computer, giving the hacker access to lift data.
Hackers also use a technique dubbed "steganography". Tailored software identifies the altered color values in a picture's pixels and assigns a number code to each altered pixel; these codes gradually build up into a message: the instructions. Because so many variables are involved in the program's complexity, anti-virus and anti-malware programs have trouble spotting it. FireEye believes the assailants are based in Russia because of the targets' profiles.
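To show why pixel-level hiding is hard to spot, here is an added example (not from FireEye or the original report) that compares a known-clean image with a suspect copy. It assumes textbook least-significant-bit encoding, since the report does not state the encoding Hammertoss uses, and all pixel data, names and the message are constructed for illustration.

```python
# Added illustration: forensic comparison of a known-clean image against a
# suspect copy. Pixel data is constructed inline as flat lists of 0-255
# channel values; no real Hammertoss sample or format is used.
import random


def embed_lsb(pixels, message):
    """Build the constructed 'suspect' sample: one message bit per channel LSB."""
    bits = [(byte >> (7 - i)) & 1 for byte in message for i in range(8)]
    if len(bits) > len(pixels):
        raise ValueError("message does not fit in this image")
    out = list(pixels)
    for idx, bit in enumerate(bits):
        out[idx] = (out[idx] & ~1) | bit
    return out


def diff_report(clean, suspect):
    """Summarise how the suspect differs from the clean original."""
    if len(clean) != len(suspect):
        raise ValueError("images differ in size; compare like with like")
    changed = [i for i, (a, b) in enumerate(zip(clean, suspect)) if a != b]
    # Every difference being exactly one low bit is the mark of LSB embedding.
    lsb_only = all((clean[i] ^ suspect[i]) == 1 for i in changed)
    return {"changed": len(changed), "lsb_only": lsb_only,
            "last_changed": changed[-1] if changed else None}


def read_lsb(suspect, n_bytes):
    """Reassemble n_bytes from the channel LSBs, most significant bit first."""
    out = bytearray()
    for b in range(n_bytes):
        value = 0
        for channel in suspect[b * 8:(b + 1) * 8]:
            value = (value << 1) | (channel & 1)
        out.append(value)
    return bytes(out)


rng = random.Random(1)                      # fixed seed: repeatable sample
CLEAN = [rng.randrange(256) for _ in range(512)]
MESSAGE = b"constructed test string"        # placeholder text, not a command
SUSPECT = embed_lsb(CLEAN, MESSAGE)

if __name__ == "__main__":
    print(diff_report(CLEAN, SUSPECT))
    print(read_lsb(SUSPECT, len(MESSAGE)))
```

No channel value moves by more than 1 and the image size is unchanged, so the difference only shows up when a trusted original is available for comparison.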
Jen Weedon with FireEye said, “Hammertoss really challenges network defenders’ ability to identify and differentiate the malware’s command and control communications from legitimate traffic.” She added, “In addition, there’s no attacker infrastructure to block so to find this malware you’d need a combination of people, technology and the right intelligence to hunt for, uncover, and neutralise such a sophisticated tool.”
The complication lies in its delivery, because it is delivered in two separate installments. In and of themselves, they're not harmful, which allows the compiled program to evade detection. It's best to use caution when clicking on any Twitter accounts that are unfamiliar.