New Image Stealing Trojan, Finds Trend Micro
Security researchers from Trend Micro the security company recently spotted a peculiar kind of malware that captures each and every image file existing on the infected PC followed with transmitting them all onto certain server located elsewhere.
Known as 'PixSteal,' the mentioned malware triggers off one concealed command whereby it copies every JPEG, JPG -image files- along with memory dump or DMP files, it discovers on the C, D and E drives, and pastes them onto drive C of the infected computer. From there, the PixSteal transmits the copied files onto the remote server.
Trend Micro cautions that normal information embezzlements have been mainly of data which appears as textual; therefore the current malware imposes an entirely unusual threat for end-users.
PixSteal on communication with the remote File Transfer Protocol server is capable of causing voluminous destruction. It can transmit 20K files simultaneously onto the mentioned server. Certainly, somebody then must scan the files for finding anything valuable. Apparently, when pictures are hijacked those would be found without any problem alternatively a default detection engine can be designed to do the task. Subsequently, the pictures could be used for holding the user at ransom. However, garnering and utilizing other kinds of data out of the hijacked picture files would be relatively harder. For example, lifting financial data from the JPG/JPEG files and pasting it on text format files can be nearly impossible, therefore such data can be used via solely manually duplicating it within the hijacked image files itself.
Trend Micro that identifies the Trojan to be TSPY_PIXSTEAL.A says that albeit the process is extremely difficult to follow, still if it proves effective in seizing information then cyber-criminals can potentially gain a lot.
Eventually, according to Raymart Paraiso, Threat Response Engineer at Trend Micro, computer-users always prefer image files for storing data be it work-related or personal, therefore, there's a huge risk of such data getting exposed and/or compromised owing to the recently identified PixSteal. Consequently, image data file, like any other formatted data file, must be protected from malware infection, Paraiso elucidates. Softpedia.com published this dated November 3, 2012.
Related article: New Spam Mail Charges For IPod
» SPAMfighter News - 09-11-2012