https://www.gdatasoftware.com/blog/steamhide-malware-in-profile-images
Pretty fun
Obviously targeting Windows, but still…
So:
?
So my question is: What is the initial malware?
Not exactly, I haven’t found a better article in English, but as far as I understood from other sources:
It is a malicious payload which can initially be used to spread fast like a worm using Steam (client) and then hijack a Windows PC after self-executing:
Looks like not only the profile, but wherever else, like images in articles, etc.
Pretty sure it is an actual attack vector, since it’s pretty big in scale (as far as it’s detected now), also there is plenty of functionality it has which was not activated so far, including:
So yeah, it’s actually pretty dangerous.
Might be a bot net, might be a crypto-miner.
Might be whatever.
As far as I’ve read, it seems that it needs another malware (gotten by “usual” ways) to extract the information coded inside the image and so start all the shenanigans.
In other words, it makes your computer more secure, before nuking it.
It’s a malware that likes challenges