SoylentNews is people
SoylentNews
Keldrin writes:
"Zeus is a trojan designed to steal banking credentials, and has been declared one of the most successful pieces of malware currently seen in the wild. A new variant is making detection far more difficult for anti-virus companies by hiding configuration settings inside pictures. At the moment, the malware simply encodes the configuration with Base64, passes them through XOR and RC4, then attaches them to the end of an image file. This makes for an 'infected' file that is much larger than the original. There is speculation that future releases of the malware will be able to detect minuscule changes to the colors of individual pixels, making the affected files much harder to detect."
This discussion has been archived.
No new comments can be posted.
New Zeus Trojan Variant Using Steganography
|
Log In/Create an Account
| Top
| 26 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
In Tulsa, Oklahoma, it is against the law to open a soda bottle without
the supervision of a licensed engineer.
(Score: 1) by thoughtlover on Tuesday February 25 2014, @09:39PM
Why not hash pictures and compare them to known images currently in Google's massive database?
Even if they are able to hide config changes via slight changes in pixel color, you could write a program to compare suspects with originals via difference blend mode --any changes will be just over #000; easily detectable by a program where the human eye can't see any change.
Or am I missing something else?