Image snatching malware poses new security threat

New breed of Trojan sniffs out personal information in pictures, not documents.

Cyber criminal

Security researchers have identified a new malware strand that steals image files from computers and sends them to a remote server

The program, detected under the name TSPY_PIXSTEAL.A (Pixsteal-A), is a Trojan that opens all .jpg and .jpeg image files, as well as .dmp memory dump files, and delivers copies of the first 20,000 to the FTP server being used by the cyber criminals behind the malware. It is currently only operational on Windows computers, according to Trend Micro's threat response engineer Raymart Paraiso.

"Though it appears tedious, the potential gain for cybercriminals should they be successful in stealing information is high. Users typically rely on photos for storing information, both personal and work-related, so the risk of information leakage is very high," he said in a blog post.

The collected images could potentially be used for identity theft, blackmail or to tailor future targeted attacks on individuals or corporations, Paraiso added.

Rik Ferguson, director of security research and communications told IT Pro: "[I believe] this is the first malware that has particularly focused on such a limited set of file types. In some of the nation state sponsored attacks, stealing photographs is of interest ... but if we are talking about the commercial, cybercriminal, widespread side of things ... then this does represent a shift."

Ferguson claims it is possible we will see more of this type of malware, but it will depend on how successfully Pixsteal-A can be monetised.

"There was a report recently on BBC Newsbeat that said self-generated intimate photos were being stolen and used on porn sites. So there is one obvious way that this kind of activity could bring an income for criminals, but whether it becomes more widely adopted and more widespread depends on how successful [this one is at generating revenue]," Ferguson concluded.

Featured Resources

How to scale your organisation in the cloud

How to overcome common scaling challenges and choose the right scalable cloud service

Download now

The people factor: A critical ingredient for intelligent communications

How to improve communication within your business

Download now

Future of video conferencing

Optimising video conferencing features to achieve business goals

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Recommended

The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

3 Mar 2021
Microsoft Exchange targeted by China-linked hackers
zero-day exploit

Microsoft Exchange targeted by China-linked hackers

3 Mar 2021
Malicious ‘dependency confusion’ packages are stealing password files
hacking

Malicious ‘dependency confusion’ packages are stealing password files

2 Mar 2021
What is the Computer Misuse Act?
Policy & legislation

What is the Computer Misuse Act?

2 Mar 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

26 Feb 2021
How to connect one, two or more monitors to your laptop
Laptops

How to connect one, two or more monitors to your laptop

25 Feb 2021
Ransomware operators are exploiting VMware ESXi flaws
ransomware

Ransomware operators are exploiting VMware ESXi flaws

1 Mar 2021