How can malware be attached in image files such as a JPEG image?
Asked
Active
Viewed 2,818 times
3 Answers
0
The most common attack method with attaching malware to an image file (or any file for that matter) is to hide an executable file with a different file extension.
For example in your case, a victim might think he is downloading the file wallpaper.jpg when in reality he is downloading the file wallpaper.exe that has been renamed with the JPEG file extension.
Other methods involve the use of Steganography, which involves hiding code inside the image itself, such as javascript of malware or exploits.
Gavin Youker
- 1,270
- 1
- 11
- 23
-1
The jpeg file may have a double extension, example.jpg.exe. It may also have data embedded in it which a separate piece of malware that looks harmless uses as instructions to perform a malicious action.
NotADoctor
- 1
- 2
-
but this is not an image file, it's an executable made to look like an image file in a directory listing – schroeder Dec 01 '16 at 07:58
-
That is true but the second part of my answer involves the code being embded into the image. I will try an elaborate on that but if you have more information that would be great. – NotADoctor Dec 01 '16 at 10:06
-
but the question was "how" it is attached – schroeder Dec 01 '16 at 17:33
-
@schroeder thanks for pointing towards the duplicate article that answers this :) – NotADoctor Dec 20 '16 at 17:19
-1
The most simple way would be if a person doesn't have "show files extensions" option checked, then you can name your exe file like "house.jpg" (that is the name, so basically it is house.jpg.exe). You can't use regular dot from the keyboard tho, you need to find special dot in the table of characters. I know that this isn't the answer for your question, but it could help.
-
1but this is not an image file, it's an executable made to look like an image file in a directory listing – schroeder Dec 01 '16 at 07:58