Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

JPEG Files Deliver Password Stealing Malware

March 18, 2025
Reading Time: 2 mins read
in Alerts
New StilachiRAT Targets Crypto Wallets

A new malware operation has been discovered, utilizing JPEG image files to stealthily deliver multiple strains of password-stealing malware. Security researchers from SEQRITE revealed that the attack leverages steganography, a technique for hiding malicious payloads within seemingly harmless image files. This approach allows cybercriminals to bypass traditional detection methods and distribute malware without detection. When unsuspecting users download or open the compromised JPEG file, their systems become infected with embedded malicious scripts.

The malware embedded within the JPEG files specifically targets browsers, email clients, and FTP applications. It focuses on stealing sensitive user credentials by extracting login information from application databases.

SEQRITE analysts explained that the core of the attack lies in its complex delivery mechanism, where malicious data is hidden within pixel data fields rather than in the image’s header or metadata. This makes the attack difficult to detect with standard image-processing tools.

Once the victim’s device processes the image, the payloads are extracted and executed through automated processes, initiating a chain of events that downloads further malicious tools.

These tools include password stealers like Vidar, Raccoon, and Redline, which specialize in collecting login credentials and transmitting the stolen data to command-and-control (C2) servers. The attackers employ Python and C++ executables to decode the hidden malicious scripts from pixel clusters and reconstruct executable payloads.

The use of steganography in this attack involves modifying the pixel values in JPEG files to encode the malicious data. SEQRITE security researchers demonstrated how the payload is extracted from the image using custom decoders, revealing subtle pixel-level changes. This sophisticated method makes it challenging for standard security measures to detect and prevent such attacks, highlighting the growing threat of steganographic malware.

Reference:
  • JPEG Files Used to Hide Steganographic Malware in New Attack Targeting Passwords
Tags: Cyber AlertsCyber Alerts 2025CyberattackCybersecurityMarch 2025
ADVERTISEMENT

Related Posts

VexTrio TDS Uses Adtech To Spread Malware

Simple Typo Breaks AI Safety Via TokenBreak

June 13, 2025
VexTrio TDS Uses Adtech To Spread Malware

VexTrio TDS Uses Adtech To Spread Malware

June 13, 2025
VexTrio TDS Uses Adtech To Spread Malware

Old Discord Links Now Lead To Malware

June 13, 2025
SmartAttack Uses Sound To Steal PC Data

SmartAttack Uses Sound To Steal PC Data

June 13, 2025
SmartAttack Uses Sound To Steal PC Data

Coordinated Brute Force Hits Tomcat Manager

June 13, 2025
SmartAttack Uses Sound To Steal PC Data

Pentest Tool TeamFiltration Hits Entra ID

June 12, 2025

Latest Alerts

Old Discord Links Now Lead To Malware

VexTrio TDS Uses Adtech To Spread Malware

Simple Typo Breaks AI Safety Via TokenBreak

Coordinated Brute Force Hits Tomcat Manager

SmartAttack Uses Sound To Steal PC Data

Pentest Tool TeamFiltration Hits Entra ID

Subscribe to our newsletter

    Latest Incidents

    Cyberattack On Brussels Parliament Continues

    Swedish Broadcaster SVT Hit By DDoS

    Major Google Cloud Outage Disrupts Web

    AI Spam Hijacks Official US Vaccine Site

    DragonForce Ransomware Hits Philly Schools

    Erie Insurance Cyberattack Halts Operations

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial