Your PC can be hacked using simple audio files
We have seen cases of malicious images being used to break into computers and steal their data. The technique has been around for a while, but hackers are now making it more difficult to flag - by masking their malware behind simple, regular-looking WAV audio files. Here's all you need to know about this attack.
WAV files delivering hidden crypto-mining application
In a recent report, BlackBerry's cybersecurity firm Cylance detailed a malware campaign revolving around infected WAV files. They had discovered that certain threat actors are using regular WAV audio files to hide and deliver malware, specifically a crypto mining application named XMRrig, on PCs. The file, they said, looked like any other audio file but had the loader component for executing the malicious code.
This way, targeted machines are used for crypto-mining
Once the infected audio file is delivered on the machine, it uses the hidden malicious program to establish a connection with a command and control server. Then, this command and control center sends out instructions to secretly activate the crypto-miner and use the same for mining cryptocurrency for hackers. So, essentially, it generates money for hackers but leverages the computer resources of the victim.
This adds another attack vector for cryptomining
While there have been cases of infected audio files in the past, this is the first instance of a file being explicitly used for delivering crypto-mining software. To recall, before this, crypto-mining malware was delivered only by the way of malicious scripts on websites, browsers, or software programs bundled with malware. This clearly suggests that attackers are growing more sophisticated with time.
How to protect yourself?
According to Cylance, the malware-integrated WAV files were first used by Russian cyber-espionage group Waterbug, but anybody could have accessed the malicious code. This means, in order to stay protected, you need to have appropriate anti-virus tools on your system. Plus, in addition to a strong security tool, it is also important to be careful while downloading files from the internet.
