Updated June 19th, 2019 at 16:41 IST

Meme lovers beware, Hackers control malware using Memes shared on social media

Researchers explain how a malware named "TROJAN.MSIL.BERBOMTHUM.AA" could retrieve commands from memes posted on a Twitter account run by hackers.

Reported by: Tanmay Patange
| Image:self
Advertisement

In what could be alarming news for all the meme lovers out there, hackers have discovered a new technique to control your system using memes posted on social media. Researchers at Trend Micro have come across a fine example of how modern techniques can be used to carry out malware activities. Researchers explain how this new piece of malware could retrieve commands from memes posted on a Twitter account run by hackers.

According to researchers, this malware named "TROJAN.MSIL.BERBOMTHUM.AA" is designed in such a way that it checks the Twitter account controlled by the hacker on a victim’s system. It then downloads and scans the malicious meme in order to inherit secret commands.

Also Read | Searching for these celebrities on the Internet might land you up on websites that carry viruses or malware

This Twitter account in question has already been suspended for the greater good as we check. The account was created last year and prior to its suspension, it tweeted two memes on October 25 and 26. As researchers explain, those memes provided malware with a “/print” command embedded in its metadata. What it does is instructs malware to take a screenshot of the infected machine.

Also Read | Bug may have exposed photos from 7 Million Facebook users

Once the malware captures a screenshot of the infected system, it would then be sent to a remote command-and-control server. Address of the C&C server was obtained, courtesy of a "hard-coded" URL on Pastebin. The server address, however, points to a local, private IP address, suggesting that the malware could be in the early developmental stage.

Apart from “/print” command to capture screenshots, it also supports several commands from access a list of running processes to retrieving username from infected machines.

However, it should be worth pointing out that this malware is neither created nor shared using tweets. Memes posted on Twitter simply delivered commands to pre-existing malware on an infected machine.

Advertisement

Published December 21st, 2018 at 16:33 IST