Attackers using image files to hide backdoors

Attacker are using legitimate image files to hide backdoors in order to maintain access to compromised servers, according to Web security firm Securi Security.

More than a dozen sites have been impacted by this known but not normally used method of attack, according to Daniel Cid, chief technology officer of Securi, who said his company continues the investigate the incidents.

A backdoor in a computer system is a means by which attackers can bypass normal security authentication and allow an attack to go unnoticed.

RELATED CONTENT

Canadian firms, vulnerable to cyber attacks: Federal agency
WordPress hit by botnet

Cid said Securi discovered the suspect image files on a previously Webservers. The Web sites were running outdated versions of content management system platform WordPress or outdated versions of Joomla, another CMS platform.

He said the images they found still loaded and worked properly.

“On this compromised sites, the attackers modified legit, pre-existing images from the sites,” he said in his blog. “This is a curious steganographic way to hide the malware.”

Once the server is compromised, the attackers can modify the image’s EXIF headers and re-load the image. The image renders normally and most Web masters will not notice any changes.

Should the exploit be discovered and security is tightened the image gives the attackers an access point which they can later on use again.

Read the whole story here

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now