Forum Thread: How to Infect a Device?

I don't believe that people are so stupid as to download a file named update.apk. I am asking about other methods to infect, like visiting a link or downloading an image or PDF. Is it possible to infect with an image? I saw some tutorials that hide an exe file in an image. What do you think?

5 Responses

There are two ways to infect a device. One is that a malicious application is installed. The other way is to exploit a vulnerability in software. This can be the operating system itself or an application.

Believe it or not, the majority of infections are user-installed, by people opening exe files or other executables. (On Windows, scr, com and cmd files can also execute.) Some are tricked into installing it; some believe the file is something not harmful.

A common way to trick someone is to name a file Anyname.jpg.exe. Windows by default will only show Anyname.jpg.

Thank you for your response!
How about visiting a link?

In terms of images, in December last year ESET found tricky advertising PNGs embedded with transparent layers of JavaScript which would invisibly open browser windows with (offscreen) tinyurl destinations which would attempt to immediately download a malware executable. Similar (stego) attacks have been used with JPEGs, PDF documents and other media formats too. BUT the point here is that viewing the image, at best (or worst, in a security sense), allows a browser or plugin to run some pretty limited script which acts as a vehicle to get the actual malware (.exe or whatever) onto the user's box for execution by the user (or perhaps system). The executable payload itself is not and cannot (from my understanding) be somehow magically encoded/embedded/bound into the image itself for immediate pwnage upon remote viewing.

I have heard of 'malicious images' in the context of local execution/viewing by the user, though. Essentially, a bad guy constructs an image which exploits known flaws/vulnerabilities in the user's local viewing software/environment so that when the user opens the image, the exploit is triggered. The most common example of this involves constructing an image which over-reports its dimensions to the image viewing software such that the system allocates too much temp memory. This can then be used in a buffer overflow attack if the right data is read into it. BUT, c'mon, for most of us, this is la la land stuff.

So really, Traveller is correct in saying that your best bet in using an image as a vehicle for a hack/malware infusion is for the image... to not be an image at all. That is, using icon/extension/social context manipulation to fool your user into opening an image file which is anything but an image file. I know you say "I don't believe anyone would be so stupid"... but you would be surprised/horrified. Obviously "1337pwnage.exe" (with skull'n'crossbones icon) is unlikely to work, but I'm sure you can think of other scenarios which, in the right context, with a bit of social engineering, may.

Happy hacking and good luck!
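
A defender-side check for the trick both answers above describe, a file presented as an image that is not one (added example, not part of the original thread). The function names, the extension and magic-byte tables, and the sample files are constructed for illustration.

```python
import tempfile
from pathlib import Path

# Extensions Windows will execute; these four are the ones named in the thread.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".cmd"}
# Decoy extensions and the magic bytes a genuine file of that type starts with.
MAGIC = {
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".pdf": (b"%PDF-",),
}

def classify(path):
    """Return findings for one file; an empty list means nothing suspicious."""
    path = Path(path)
    findings = []
    suffixes = [s.lower() for s in path.suffixes]
    # Case 1: Anyname.jpg.exe, displayed as Anyname.jpg when extensions are hidden.
    if len(suffixes) >= 2 and suffixes[-1] in EXECUTABLE_EXTS and suffixes[-2] in MAGIC:
        findings.append("double-extension")
    # Case 2: the name claims image/PDF but the content lacks that format's magic.
    # A leading "MZ" is the DOS/PE header that Windows executables begin with.
    ext = suffixes[-1] if suffixes else ""
    if ext in MAGIC:
        with path.open("rb") as fh:
            head = fh.read(8)
        if not head.startswith(MAGIC[ext]):
            findings.append("pe-content" if head[:2] == b"MZ" else "magic-mismatch")
    return findings

def scan(root):
    """Walk root recursively and return {relative_path: findings} for flagged files."""
    root = Path(root)
    hits = ((p, classify(p)) for p in sorted(root.rglob("*")) if p.is_file())
    return {p.relative_to(root).as_posix(): f for p, f in hits if f}

def build_sample(root):
    """Write constructed sample files (header bytes only, not real media or programs)."""
    samples = {"holiday.jpg": b"\xff\xd8\xff\xe0" + b"\0" * 16,
               "Anyname.jpg.exe": b"MZ" + b"\0" * 16,
               "invoice.pdf": b"MZ" + b"\0" * 16,
               "logo.png": b"<html>" + b"\0" * 8}
    for name, data in samples.items():
        (Path(root) / name).write_bytes(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(scan(tmp))
```

Point `scan()` at a downloads folder or a mail attachment quarantine; a clean magic-byte match only confirms the file type and says nothing about exploits against the viewer.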

Thank you so much for the response!
