Trend Micro Warns of Image-Stealing Malware

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

In a recent blog post, Trend Micro threat response engineer Raymart Paraiso warned of new malware that steals image files from an infected device and uploads them to a remote server.

"[The] new threat, appropriately dubbed PixSteal by Trend Micro researchers, opens a hidden command line and copies all JPG, JPEG, and DMP files it can find on the infected system to the C drive," Infosecurity reports. "From there, it sends the copies to a remote FTP server. Both .JPG and .JPEG files pertain to file formats commonly used for images, while .DMP files are memory dump files that contain information on why a particular system has stopped unexpectedly."

"Though it appears tedious, the potential gain for cybercriminals should they be successful in stealing information is high," Trend Micro's Paraiso writes. "Information theft routines have been mostly limited to information that are in text form, thus this malware poses a whole new different risk for users. Users typically rely on photos for storing information, both personal and work-related, so the risk of information leakage is very high. Collected photos can be used for identity theft, blackmail, or can even be used in future targeted attacks."

"Unfortunately, the researchers don't say what infection vector is used by the criminals behind this Trojan, but you can be sure that keeping your software updated and not opening attachments or following links from unsolicited emails and messages is a good idea," writes Help Net Security's Zeljka Zorz.