Trend Micro security researchers have identified a new threat that they have called “Malicious memes.” Basically, it’s a new type of malware that receives its instructions hidden in memes posted on Twitter. The cybercriminals use an old technique, steganography, to hide malicious code in images and evade security; the novelty here is that they apply the technique to images shared on the social network.
The malware itself is not downloaded from Twitter, and the process used to infect users has not yet been identified. It is a remote access Trojan that, once it infects a computer, can take screenshots and steal other system data, which it then sends to its control server.
Is It an Experiment?
Trend Micro identified that the hackers published two tweets with malicious memes last October through a Twitter account created in 2017. The memes contained an embedded command that the malware analyzes once it is downloaded to the victim’s computer.
The interesting thing about all this is that the malware uses Twitter as the medium to communicate with its control server. For example, two tweets contained “/ print” commands in the images that told the malware to take a screen capture on the infected computer.
The memes could also contain commands to steal the contents of the computer’s clipboard, file names in specific folders, or obtain a list of all the apps and processes running on the system. There is still much to be learned about how the new threat works; researchers believe it could be a proof of concept for future attacks. The account was permanently suspended from Twitter after the Trend Micro report.