James Webb Telescope Images Loaded With Malware Are Evading EDR

Threat hunters are warning security teams to be on the lookout for a new cyberattack that uses the chance to see the historic James Webb space telescope deep field images as a lure. The campaign's victims are infected with Golang malware.

Besides the novel lure strategy, the Go-based malware gives threat actors added flexibility across platforms and frameworks, along with reverse-engineering protections and obfuscation benefits, the Securonix research team reported. They dubbed the new cyberattack chain GO#WEBFUSCATOR for its ability to get around extended detection and response (EDR) defenses.

“The image contains malicious Base64 code disguised as an included certificate,” the researchers who found the James Webb image-themed cyberattack explained. “At the time of publication, this particular file is undetected by all antivirus vendors according to VirusTotal.” 
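One way a defender could check image files for the disguise the researchers describe is sketched below. It is an added example, not code from Securonix or from the article: it finds PEM certificate blocks inside image bytes and tests whether the decoded content has the outer DER shape of a real certificate. The function names, the verdict labels, the "MZ" (Windows executable) check and both sample inputs are assumptions constructed for illustration.

```python
import base64
import re

# PEM-style certificate block anywhere inside a file's raw bytes.
PEM_RE = re.compile(rb"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.DOTALL)

def is_der_sequence(blob: bytes) -> bool:
    """True if blob is one DER SEQUENCE whose declared length spans the whole blob,
    the outer shape of every X.509 certificate (structural check only)."""
    if len(blob) < 2 or blob[0] != 0x30:
        return False
    if blob[1] < 0x80:                       # short-form length
        return 2 + blob[1] == len(blob)
    n = blob[1] & 0x7F                       # long form: next n bytes hold the length
    if n == 0 or n > 4 or len(blob) < 2 + n:
        return False
    return 2 + n + int.from_bytes(blob[2:2 + n], "big") == len(blob)

def scan_image(data: bytes) -> list:
    """Return one finding per PEM certificate block embedded in the image bytes."""
    findings = []
    for m in PEM_RE.finditer(data):
        body = b"".join(m.group(1).split())  # drop line breaks inside the block
        try:
            decoded = base64.b64decode(body, validate=True)
        except ValueError:                   # binascii.Error subclasses ValueError
            decoded = None
        if decoded is None:
            verdict = "invalid-base64"
        elif is_der_sequence(decoded):
            verdict = "certificate-shaped"
        elif decoded[:2] == b"MZ":           # assumption: payload is a Windows PE
            verdict = "executable-in-certificate-block"
        else:
            verdict = "non-certificate-payload"
        findings.append({"offset": m.start(), "size": len(decoded or b""), "verdict": verdict})
    return findings

def wrap(payload: bytes) -> bytes:
    """Build a constructed sample: JPEG start/end markers around a PEM block."""
    pem = b"-----BEGIN CERTIFICATE-----\n" + base64.b64encode(payload) + b"\n-----END CERTIFICATE-----\n"
    return b"\xff\xd8\xff\xe0" + b"\x00" * 16 + pem + b"\xff\xd9"

# Constructed inputs: a tiny DER SEQUENCE and a fake "MZ" blob (neither is real data).
BENIGN = wrap(bytes([0x30, 0x03, 0x02, 0x01, 0x05]))
SUSPICIOUS = wrap(b"MZ" + b"\x90" * 62)

if __name__ == "__main__":
    print(scan_image(BENIGN), scan_image(SUSPICIOUS))
```

A PEM block inside an image is unusual in its own right, so even a "certificate-shaped" finding deserves a look; the other verdicts mean the block's content does not match its label.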
