In what could be alarming news for all the meme lovers out there, hackers have discovered a new technique to control your system using memes posted on social media. Researchers at Trend Micro have come across a fine example of how modern techniques can be used to carry out malware activities. Researchers explain how this new piece of malware could retrieve commands from memes posted on a Twitter account run by hackers.
According to researchers, this malware named "TROJAN.MSIL.BERBOMTHUM.AA" is designed in such a way that it checks the Twitter account controlled by the hacker on a victim’s system. It then downloads and scans the malicious meme in order to inherit secret commands.
This Twitter account in question has already been suspended for the greater good as we check. The account was created last year and prior to its suspension, it tweeted two memes on October 25 and 26. As researchers explain, those memes provided malware with a “/print” command embedded in its metadata. What it does is instructs malware to take a screenshot of the infected machine.
Once the malware captures a screenshot of the infected system, it would then be sent to a remote command-and-control server. Address of the C&C server was obtained, courtesy of a "hard-coded" URL on Pastebin. The server address, however, points to a local, private IP address, suggesting that the malware could be in the early developmental stage.
Apart from “/print” command to capture screenshots, it also supports several commands from access a list of running processes to retrieving username from infected machines.
However, it should be worth pointing out that this malware is neither created nor shared using tweets. Memes posted on Twitter simply delivered commands to pre-existing malware on an infected machine.