Hackers Are Using NASA Telescope Images To Push Ransomware

By   ISBuzz Team
Writer , Information Security Buzz | Sep 07, 2022 08:27 am PST

According to Metro, One of the first images taken by Nasa’s James Webb Telescope is being used by hackers in a phishing scam. A security analytics platform, Securonix, uncovered the new computer security threat that uses the James Webb Space Telescope‘s first public image to spread malware.

The attack is called ‘GO#WEBBFUSCATOR’ and reportedly starts with a phishing email containing a Microsoft Office attachment. If a receiver opens the attachment, a URL within the document’s metadata downloads a file with a script, which runs if certain Word macros are enabled. This, in turn, downloads a copy of Webb’s First Deep Field photo, containing malicious code.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Jake Moore
Jake Moore , Global Cyber Security Advisor
September 7, 2022 4:35 pm

Clever scammers will look at anything to drive malware onto victim’s computers and unfortunately pictures can be that vehicle. This particular malware is not easily detectable at first by antivirus software either so users must urge extra caution to unsolicited messages and emails. When links embedded in pictures or emails open up Word, malicious code is looking for those who enable macros within the document which means hackers can take control of the system and consequently cause damage. Macros are tiny little programs within Word and can offer cool little features, however, like any program they can be abused so it is safer to disable all macros can help keep Word protected and you should never enable them even if prompted.

Last edited 1 year ago by Jake Moore

Recent Posts

Would love your thoughts, please comment.x