Everyone has loved the awesome images the NASA James Webb Space Telescope has sent. But beware! There is danger lurking.
In a shocking series of events, the NASA James Webb Space Telescope has become the latest victim of hackers: threat analysts have found malware hidden in photos taken by NASA’s newest telescope. This poses a huge risk, as millions of people around the world have been downloading images taken by NASA’s $10 billion space telescope.
Threat analysts at cybersecurity firm Securonix have discovered a new malware attack campaign known as GO#WEBBFUSCATOR. According to Securonix, the attackers took images captured by the James Webb Space Telescope and combined them with obfuscated payloads written in the Golang programming language, which run on the host’s computer.
How the malware attack takes place
Threat analysts at Securonix stated that the attack starts with a phishing image sent to the victim via a phishing email containing a Microsoft Office document. Securonix obtained a sample of the program, which contained a document titled “Geos-Rates.docx”.
The cybersecurity firm said in a blog post that the document contains a jpg image that also includes hidden malware code, which can only be viewed through a text editor. Along with the code, the image hides a certificate containing Base64 code which, once executed, installs onto your device in the form of “msdllupdate.exe”.
The blog further mentions that “at the time of publication, this particular file is undetected by all antivirus vendors according to VirusTotal.” Once the program is executed, it implants a binary program into the Windows Registry Key. The report also says that the malware can help hackers spy on your device and steal information from it, as it is designed to work with a hacker’s command and control server.
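A check a defender could run on a downloaded image, based on the hiding technique described above. This is an added example, not code from Securonix or from the original article. It assumes the hidden certificate uses PEM-style BEGIN/END CERTIFICATE markers and that the payload decodes to a Windows executable; the function names and the sample bytes are constructed for illustration.

```python
import base64
import binascii
import re

# PEM-style markers are an assumption; the article only says "a certificate".
PEM_BLOCK = re.compile(
    rb"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.DOTALL
)


def classify_block(b64_body: bytes) -> str:
    """Decode one certificate-style block and describe its leading bytes."""
    try:
        raw = base64.b64decode(b"".join(b64_body.split()), validate=True)
    except (binascii.Error, ValueError):
        return "not-base64"
    if raw[:2] == b"MZ":
        return "windows-executable"   # DOS/PE header of an .exe
    if raw[:1] == b"\x30":
        return "der-certificate"      # ASN.1 SEQUENCE, how a real certificate starts
    return "unknown-data"


def scan_image(data: bytes) -> list:
    """Return one finding per certificate-style block found inside image bytes."""
    findings = []
    for match in PEM_BLOCK.finditer(data):
        verdict = classify_block(match.group(1))
        findings.append({
            "offset": match.start(),
            "verdict": verdict,
            # Any certificate block in a photo is unusual; one that does not
            # decode to a certificate is the stronger signal.
            "suspicious": verdict != "der-certificate",
        })
    return findings


# Constructed sample: a minimal JPEG-like byte string with a harmless
# "MZ"-prefixed blob wrapped in certificate markers (not a real payload).
FAKE_BLOB = base64.encodebytes(b"MZ" + b"\x00" * 60)
SAMPLE = (
    b"\xff\xd8\xff\xe0" + b"\x00" * 32 + b"\xff\xd9\n"
    b"-----BEGIN CERTIFICATE-----\n" + FAKE_BLOB + b"-----END CERTIFICATE-----\n"
)

if __name__ == "__main__":
    for finding in scan_image(SAMPLE):
        print(finding)
```

To check a real file, pass its contents to scan_image, for example scan_image(open(path, "rb").read()).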
How to protect yourself against such attacks
To prevent such phishing attacks on your device, it is advised to regularly update your computer with anti-virus software, spyware filters, e-mail filters and firewall programs, and to use the latest available version of your web browser. Whenever you open any website, always ensure that it is an “https” link. If you’re travelling between places, never use public WiFi networks. Never open any suspicious links which may be sent to you via email.