Space images from the James Webb telescope are being used by hackers to hide and distribute malware.

As reported by Bleeping Computer, a new malware campaign dubbed ‘GO#WEBBFUSCATOR’ has been uncovered, which involves both phishing emails and malicious documents.


A phishing email carrying an attachment named “Geos-Rates.docx” is initially sent to victims, who then unknowingly download a template file if they fall for the trap.

Should the target system’s Office suite have macros enabled, the aforementioned file subsequently auto-executes a VBS macro. The macro then downloads a JPG image from a remote location, decodes it into an executable format, and finally loads it onto the machine.

If the file itself is opened with an image viewer application, the image displays the galaxy cluster SMACS 0723, captured by the recently launched James Webb telescope. That said, opening the same file with a text editor reveals that the image disguises a payload that turns into a malicious 64-bit executable.
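The same text-editor check can be automated when triaging image files. The following is an added example, not code from the article or from Securonix; it assumes the hidden data sits after the JPEG end-of-image marker as printable text, which the article does not state, and the function names, threshold and sample bytes are constructed for illustration.

```python
import string

STANDALONE = {0x01, *range(0xD0, 0xD8)}   # TEM, RST0-RST7: markers with no length field
TEXT_BYTES = frozenset(string.printable.encode())
MIN_TRAILING = 64                          # assumed threshold; ignores a few stray bytes

def jpeg_end_offset(data: bytes) -> int:
    """Walk JPEG segments and return the offset just past the end-of-image marker."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing start-of-image marker")
    pos = 2
    while pos + 1 < len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        marker = data[pos + 1]
        if marker == 0xFF:                 # fill byte preceding a marker
            pos += 1
        elif marker == 0xD9:               # EOI: the picture ends here
            return pos + 2
        elif marker in STANDALONE:
            pos += 2
        else:
            seg_len = int.from_bytes(data[pos + 2:pos + 4], "big")
            if seg_len < 2:
                raise ValueError(f"bad segment length at offset {pos}")
            pos += 2 + seg_len
            if marker == 0xDA:             # SOS: skip the entropy-coded scan data
                while pos + 1 < len(data) and not (
                    data[pos] == 0xFF
                    and data[pos + 1] != 0x00              # FF00 is a stuffed data byte
                    and not 0xD0 <= data[pos + 1] <= 0xD7  # RSTn stays inside the scan
                ):
                    pos += 1
    raise ValueError("truncated JPEG: no end-of-image marker")

def triage_image(data: bytes) -> dict:
    """Report how much data follows the image and whether it reads as text."""
    end = jpeg_end_offset(data)
    trailing = data[end:]
    printable = sum(b in TEXT_BYTES for b in trailing)
    text_like = len(trailing) >= MIN_TRAILING and printable / len(trailing) > 0.95
    return {"image_bytes": end, "trailing_bytes": len(trailing), "text_like": text_like}

# Constructed sample: a marker-valid JPEG skeleton (not a decodable picture).
CLEAN = (b"\xff\xd8" + b"\xff\xe0\x00\x10JFIF\x00" + bytes(9)
         + b"\xff\xda\x00\x08" + bytes(6) + b"\x12\xff\x00\x34\xff\xd0\x56" + b"\xff\xd9")
SUSPECT = CLEAN + b"QUJD" * 64            # constructed placeholder text appended after EOI

if __name__ == "__main__":
    print(triage_image(CLEAN))
    print(triage_image(SUSPECT))
```

A large text-like tail is a reason to pull the file for analysis, not proof of malice on its own; some cameras and editors also append metadata after the image data.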

After it’s successfully launched, the malware sets up a DNS connection to the command and control (C2) server. Hackers can then execute commands via the Windows cmd.exe tool.

To help avoid detection, the threat actors applied XOR to the binary in order to conceal Golang (a programming language) assemblies from analysts. These assemblies also use case alteration so that they are not picked up by security tools.

As for Golang, Bleeping Computer highlights how it’s becoming increasingly popular for cybercriminals due to its cross-platform (Windows, Linux, and Mac) capabilities. And as evidenced above, it’s harder to detect.

Researchers from Securonix have found that domains used for the malware campaign were registered as recently as May 29, 2022. The payloads in question have yet to be flagged as malicious by the antivirus scanning systems on VirusTotal.

It’s been a busy year for hackers looking to deliver malware. In addition to the regular tried and tested methods of spreading malicious files and the like, they’re even delaying the launch of their dangerous code by up to a month once it has found its way onto PCs.

Fake DDoS protection pages, meanwhile, are being placed on WordPress sites in order to spread malware as well.
