Scumbags are using a photo from the James Webb Space Telescope to smuggle Windows malware onto victims’ computers – albeit in a roundabout way.
The malicious code, written in Go, is hidden in a .jpeg of the stunning first proper image taken by the recently deployed spacecraft.
More specifically, the obfuscated code is Base64-encoded and included in the .jpeg disguised as a certificate. The payload, dubbed GO#WEBBFUSCATOR, was not detected as malicious by antivirus engines in VirusTotal. This is all according to researchers at cybersecurity firm Securonix, who said they spotted and inspected the .jpeg’s contents.
Source: The Register