Last year a shocking report revealed how Russian hackers were found spreading malware through Britney Spears’s Instagram posts. Now, the IT security researchers at Trend Micro have discovered a sophisticated campaign in which an unknown hacker is using memes on the social networking service Twitter to spread malware.
According to Trend Micro’s report released on Monday 17th, the hacker is using the popular “What if I told you” meme to command malware by telling it when to take screenshots from a targeted device and send them to a C&C server established by the hacker. It is noteworthy that currently, the malware is only targeting Windows-based computers.
So far, researchers have discovered two memes that hide commands in their metadata with the help of steganography and that can infect a targeted computer with malware. The meme post masks the “/print” command, which tells the malware to take a picture of the screen of the infected device.
The company also identified other commands that the malware can execute. Among them are “/processes”, which shows the list of programs that are running on the device; “/Clip”, which takes what is on the user’s clipboard; “/doc”, which shows the names of the device’s folders; and “/username”, which retrieves the username from an infected machine.
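A defender can triage downloaded images for this pattern by looking at the parts of the file that never reach the screen. The following is an added example, not code from Trend Micro or from this article: it walks a JPEG's segments and flags the command names listed above when they appear in a comment/APPn metadata segment or after the end-of-image marker. Those two locations, the function names and the sample bytes are assumptions made for illustration; the article only says the commands sit in the image's metadata.

```python
import re
import struct

# Command names are the ones this article lists; the optional space tolerates loose formatting.
COMMAND_RE = re.compile(rb"(?<![A-Za-z0-9/])/ ?(print|processes|clip|doc|username)\b", re.I)

def jpeg_hidden_regions(data):
    """Yield (label, bytes) for APPn/COM metadata segments and for bytes after EOI.
    Assumes a baseline JPEG (one scan); progressive files need a fuller parser."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI marker)")
    pos = 2
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected marker at offset {pos}")
        marker = data[pos + 1]
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        if length < 2 or pos + 2 + length > len(data):
            raise ValueError(f"bad segment length at offset {pos}")
        if marker == 0xFE or 0xE0 <= marker <= 0xEF:  # COM or APP0..APP15
            yield f"segment 0x{marker:02X} @ {pos}", data[pos + 4:pos + 2 + length]
        pos += 2 + length
        if marker == 0xDA:  # start of scan: compressed pixel data runs to EOI
            eoi = data.find(b"\xff\xd9", pos)
            if eoi != -1 and eoi + 2 < len(data):
                yield f"trailing data @ {eoi + 2}", data[eoi + 2:]
            return

def scan_image(data):
    """Return [(region, command)] for command-like tokens outside the pixel data."""
    return [(label, "/" + m.group(1).decode("ascii").lower())
            for label, blob in jpeg_hidden_regions(data)
            for m in COMMAND_RE.finditer(blob)]

def _seg(marker, payload):
    # Helper for building the constructed samples: marker, 2-byte length, payload.
    return b"\xff" + bytes([marker]) + struct.pack(">H", len(payload) + 2) + payload

# Constructed samples: skeletal JPEG-shaped byte strings, not real images or malware samples.
SAMPLE = (b"\xff\xd8" + _seg(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
          + _seg(0xFE, b"caption text /print")
          + _seg(0xDA, b"\x01\x01\x00\x00\x3f\x00") + b"\x12\x34\x56"
          + b"\xff\xd9" + b"/Clip")
CLEAN = (b"\xff\xd8" + _seg(0xFE, b"see http://example.com/print")
         + _seg(0xDA, b"\x00") + b"\xff\xd9")

if __name__ == "__main__":
    for name, blob in (("SAMPLE", SAMPLE), ("CLEAN", CLEAN)):
        print(name, scan_image(blob))
```

A hit is a reason to look closer, not proof of compromise: the check only sees plaintext tokens and misses anything encoded into the pixel data itself.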
Apparently, the malware has been on the social network since October. So far, according to the report, it is unclear where the malware came from or how many users it might have infected. The suspicion, however, is that this was only a test, intended to extend the idea with other functionalities.
“Users and businesses can consider adopting security solutions that can protect systems from various threats, such as malware that communicate with benign-looking images, through a cross-generational blend of threat defense techniques,” Trend Micro advised.
At the time of publishing this article, the Twitter account (@b0mb3rmc) used by the hacker to spread the malware was suspended by the company. However, this is not the first time hackers have used Twitter to spread malware in a completely unexpected manner. In 2009, the platform was used to send commands to a bot that infected users’ computers. Moreover, in 2016, Android malware used a Twitter account as a gateway to infect users’ computers.