We are living in an age where user security being breached is one of the most familiar headlines we come across in the cybersecurity sphere, attackers have continued to discover unprecedented ways to compromise user data and have strengthened the older ones.
A widely used technique which allows hackers to break into computers and extract user data without getting noticed is resurfacing again, this time making the detention even more complex by embedding the malware inside audio files resembling the regular WAV format audio files on the computer, according to the cybersecurity researchers at Cylance, a California based software company that develops antivirus programs and other software to prevent malware.
Hackers employed a method known as ‘Steganography’ to hide and deliver malware, it involves hiding a file, video or message with the help of some other file. Researchers at Cylance discovered the malicious code embedded inside the WAV audio files with each file containing a ‘loader component’ which decodes and executes the malware. The threat actors carry out these malicious activities using a crypto mining application known as XMRig Monero CPU Miner.
Although, hackers have used viruses and spyware to infect files and break into computers previously, this is the first time ever where a file has been explicitly used to deliver a crypto mining software into a system. Cybercriminals are always looking to undo the measures taken by security officials. It is evident from how they are now employing even sophisticated strategies as earlier, the only way to deliver crypto mining malware was through malicious scripts on browsers, websites or software programs that came with malware.
Referencing from the statements given by Josh ..