A well-known photo from NASA is used to spread malware

A well-known photo from NASA is used to spread malware



The James Webb Space Telescope was the creator of some of the most spectacular photographic shots ever, including one showing an infrared image of the universe. The photo in question, published by NASA, which allows you to fly with your imagination in distant galaxies, was recently used by some attackers to spread malware.

In particular, the photo is the basis of a new campaign for the distribution of malware, called GO # WEBBFUSCATOR. Security analysis platform Securonix explained that the attack is initially carried out by sending a phishing email containing a Microsoft Office attachment. Within the document metadata, a URL is hidden that takes care of downloading another file through a script, which is subsequently executed if Word macros are enabled. Finally, the well-known photo "First Deep Field" is downloaded, inside which there is malicious code disguised as a certificate. - th_hardware_d_mh2_1 slot id: th_hardware_d_mh2 "); }
Augusto Barros, vice president of Securonix, said, interviewed by Popular Science, that the hacker group at the head of this campaign may have decided to use this photo as it is large and therefore capable of suspicious fewer users, in addition to the fact that, being a now famous image, it could easily go unnoticed. As always, to avoid falling victim to these malware, it is a good idea to avoid downloading and launching files from untrusted sources.