Hackers Are Using NASA's James Webb Space Telescope Image to Spread Malware

According to cybersecurity company Securonix, hackers are hijacking James Webb Space Telescope image files to deliver malware to Windows computers.

The company's research team found that a particularly well-known deep field image, part of NASA's first batch of Webb photographs released in July, had been altered by hackers to infect target devices.

Image: SMACS 0723
NASA's James Webb Space Telescope has created the most detailed and precise infrared image of the far reaches of the cosmos to date. This incredibly detailed image of the galaxy cluster SMACS 0723 is known as Webb's First Deep Field. Thousands of galaxies, including the faintest objects in the infrared universe, appear in Webb's view for the first time. This portion of the enormous universe covers a piece of sky about the size of a grain of sand held at arm's length. On July 11, the photograph was released by President Joe Biden during a White House ceremony. (Image credit: NASA, ESA, CSA, and STScI)

Malicious Deep Space Image

Securonix said that the malicious deep space image is included in a Microsoft Office document that the hackers are phishing users with.

"The image contains malicious Base64 code disguised as an included certificate," Securonix's cybersecurity researchers wrote in a blog post.

"At the time of publication, this particular file is undetected by all antivirus vendors according to VirusTotal," the firm added.

The multistep attack, known as "GO#WEBBFUSCATOR," starts as a normal phishing email, which includes a file that appears to be a Microsoft Office document attachment.

If a user has specific Word macros enabled, the document's code will run after it is downloaded, at which point it will fetch an additional file: in this case, the Webb Telescope's SMACS 0723 photo, which fronts Base64-encoded code.

Once activated, the malware performs several tests to identify a computer's vulnerabilities that the hackers can later use against it.
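
The Base64 "certificate" hidden in an image, as Securonix describes it, is something a defender can check for. The Python below is an added example, not code from Securonix or Tech Times; it assumes the fake certificate uses PEM-style BEGIN/END CERTIFICATE markers (the article does not say) and flags blocks whose decoded bytes start with a Windows executable header instead of the DER structure a real certificate has.

```python
import base64
import re

# Assumption (not stated in the article): the fake certificate is wrapped in
# PEM-style BEGIN/END CERTIFICATE markers.
PEM_BLOCK = re.compile(
    rb"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.DOTALL
)


def classify(decoded: bytes) -> str:
    """Label decoded bytes by their leading magic bytes."""
    if decoded[:2] == b"MZ":       # DOS/PE header: a Windows executable
        return "windows-executable"
    if decoded[:1] == b"\x30":     # ASN.1 SEQUENCE: how DER certificates start
        return "der-like"
    return "unknown"


def scan_image(data: bytes) -> list:
    """Return one finding per certificate-style block found in image bytes."""
    findings = []
    for match in PEM_BLOCK.finditer(data):
        body = re.sub(rb"\s+", b"", match.group(1))
        try:
            decoded = base64.b64decode(body, validate=True)
            kind = classify(decoded)
        except ValueError:         # binascii.Error subclasses ValueError
            decoded, kind = b"", "not-base64"
        findings.append(
            {"offset": match.start(), "decoded_len": len(decoded), "kind": kind}
        )
    return findings


def pem_wrap(raw: bytes) -> bytes:
    """Build a PEM-style block around raw bytes (used for the samples only)."""
    return (b"-----BEGIN CERTIFICATE-----\n" + base64.encodebytes(raw)
            + b"-----END CERTIFICATE-----\n")


# Constructed samples: a minimal JPEG-shaped byte string (SOI ... EOI), not a
# real image, and a harmless 64-byte stub that only starts with "MZ".
FAKE_JPEG = b"\xff\xd8\xff\xe0" + b"\x00" * 32 + b"\xff\xd9"
SUSPECT = FAKE_JPEG + pem_wrap(b"MZ" + b"\x00" * 62)
BENIGN_CERT = FAKE_JPEG + pem_wrap(b"\x30\x82\x01\x0a" + b"\x00" * 60)

if __name__ == "__main__":
    for name, blob in [("suspect", SUSPECT), ("benign-cert", BENIGN_CERT)]:
        print(name, scan_image(blob))
```

Any certificate block inside an image file is unusual and worth a look; the "windows-executable" label is the high-confidence case.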

Why Did the Hackers Use The Deep Space Image?

According to Securonix's vice president Augusto Barros, there's a good reason why Webb's space image was chosen to spread malware. He explained that if the photo was flagged for review by an anti-malware app, the reviewer may miss it since the image has been circulated over various channels.

And since the James Webb Space Telescope's images have high resolutions, their file size is also large, according to Barros. Hence, this helps remove any suspicion connected to the size of the file.

Barros claims that using a picture from the Webb Telescope isn't even the most exciting feature of GO#WEBBFUSCATOR; rather, it's the coding language used to create it, which is Go, also known as Golang.

Go is a comparatively recent programming language that was first introduced in 2009. It has swiftly gained popularity for its cross-platform flexibility, and it only recently received its stable release on August 2, according to Popular Science.

This article is owned by Tech Times

Written by Joaquin Victor Tacla

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.