According to Metro, One of the first images taken by Nasa’s James Webb Telescope is being used by hackers in a phishing scam. A security analytics platform, Securonix, uncovered the new computer security threat that uses the James Webb Space Telescope‘s first public image to spread malware.
The attack is called ‘GO#WEBBFUSCATOR’ and reportedly starts with a phishing email containing a Microsoft Office attachment. If a receiver opens the attachment, a URL within the document’s metadata downloads a file with a script, which runs if certain Word macros are enabled. This, in turn, downloads a copy of Webb’s First Deep Field photo, containing malicious code.
Clever scammers will look at anything to drive malware onto victim’s computers and unfortunately pictures can be that vehicle. This particular malware is not easily detectable at first by antivirus software either so users must urge extra caution to unsolicited messages and emails. When links embedded in pictures or emails open up Word, malicious code is looking for those who enable macros within the document which means hackers can take control of the system and consequently cause damage. Macros are tiny little programs within Word and can offer cool little features, however, like any program they can be abused so it is safer to disable all macros can help keep Word protected and you should never enable them even if prompted.