NEW YORK (MainStreet) -- Keyboard Cat could be hacking your bank account.
Sharing pictures and videos of cats seems to be a primary function of the Internet. Research by British mobile network Three reports that more than twice as many people share pictures of cats as share selfies. And we know how many selfies there are out there. In Britain alone, more than 3.8 million pictures of cats are shared each day, compared to just 1.4 million selfies. But Grumpy Cat could be a part of a nefarious plan to separate you from your money.
French security researcher Xylitol has discovered the Zeus/Zbot Trojan malware, the malicious software that has plagued banks for years, hidden inside of photos. The code uses the images to cloak its configuration file which, when retrieved and executed, can infect a web browser and trigger invisible transactions.
Known as ZeusVM, the Trojan malware lurks undetected until an unwitting user loads their banking website. Then, the code comes to life, acting as an unseen "man-in-the-middle." The Trojan can execute transactions in the account without detection because the customer has been properly authenticated. Money transfers can be initiated as the malware simultaneously covers its tracks so that the real user remains totally unaware of the ongoing hack. The bank sees all of the online activity as customer generated and completely valid.
The malware, embedded in otherwise innocuous computer photo files, can collect personal information, perform online actions and monitor user activity. It is reactivated every time your computer is rebooted. The photo helps keep the vicious code from being detected by anti-virus security software.
Jerome Segura, senior security researcher for Malwarebytes, says steganography -- the act of hiding information in plain sight -- is an ancient and time-tested method of deception.
"In ancient Greece, secret instructions carved on wood were covered with wax where an innocent message would fool any outsider. In that regard, the bad guys aren't really innovators per se, they are just applying old tricks to modern technology," Segura says in a blog post.
"Hiding malevolent code in such a way can successfully bypass signature-based intrusion detection systems or even antivirus software. From a webmaster point of view, images (especially ones that can be viewed) would appear harmless. It's a reminder that a file should not be considered safe simply because it appears to be a legitimate picture, song or movie."
Written by Hal M. Bundrick for MainStreet