Hackers are using a Webb Telescope photo to hide Complex Virus

Securonix, a security analytics and operations management platform, has discovered a new computer security threat.

that utilizes the James Webb Space Telescope's first public image, SMACS 0723

[{"selector":"#anim-a4c0f153-084e-4972-9b07-e45c63cd2fc9","keyframes":{"opacity":[0,1]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-e0171e85-91e7-4346-9883-1bad14d04d7b","keyframes":{"transform":["translate3d(-108%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-2f4ca8bd-d3ca-4496-a060-2f9020adb409 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate3d(22.255378924202084%, 0, 0)","translate3d(0%, 0, 0)"]},"delay":0,"duration":4000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"both"}]

as a component in its impressively complex malware campaign.

[{"selector":"#anim-72f9dea4-000a-4636-b618-fd7ead5dcf4c [data-leaf-element=\"true\"]","keyframes":{"transform":["translate3d(-26.972656154002962%, 0, 0)","translate3d(0%, 0, 0)"]},"delay":0,"duration":4000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"both"}] [{"selector":"#anim-9b0fae41-0423-40d9-ba61-c770143bf1ae","keyframes":{"opacity":[0,1]},"delay":0,"duration":600,"easing":"cubic-bezier(0.4, 0.4, 0.0, 1)","fill":"both"}]

Dubbed “GO#WEBBFUSCATOR,”

[{"selector":"#anim-8a9e610a-34b3-4087-a65c-d9babd5e0b9f [data-leaf-element=\"true\"]","keyframes":{"transform":["translate3d(30.68730914018672%, 0, 0)","translate3d(0%, 0, 0)"]},"delay":0,"duration":4000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"both"}]

the multistep attack first originates as a typical phishing email containing a file made to look like Microsoft Office document attachment.

[{"selector":"#anim-f3b54ee0-57b2-44a2-8ec8-ea3808517ef9 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate(0%, 0%) scale(1.5)","translate(0%, 0%) scale(1)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}] Fill in some text

[{"selector":"#anim-cd30e1ab-72af-4ab4-993b-a8c2c671c121 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate3d(34.179687404002955%, 0, 0)","translate3d(0%, 0, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"both"}] If a user has certain Word macros enabled, the program will run after downloading. If a user has certain Word macros enabled, the program will run after downloading.

Then it downloads another file—in this case, the Webb Telescope's SMACS 0723 photo with a Base64 code.

[{"selector":"#anim-f7d9c4f7-7af2-4535-82e9-2f3264c8d4ee [data-leaf-element=\"true\"]","keyframes":{"transform":["translate(0%, 0%) scale(1.5)","translate(0%, 0%) scale(1)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}]

Once executed, the malware performs various tests to identify a computer's weaknesses, which the hackers can then exploit.

[{"selector":"#anim-3a64868d-f9ab-4761-8161-d9c3128781fd [data-leaf-element=\"true\"]","keyframes":{"transform":["translate3d(-31.281120218364773%, 0, 0)","translate3d(0%, 0, 0)"]},"delay":0,"duration":4000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"both"}]

Although GO#WEBBFUSCATOR's end-goal remains unclear, it's still a particularly nasty and ingenious way to infect countless victim's device

[{"selector":"#anim-78602f95-f170-4aee-a300-7626609e1a11 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate3d(-44.21319787078477%, 0, 0)","translate3d(0%, 0, 0)"]},"delay":0,"duration":6000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"both"}]

Share this story to spread awareness to your friends and families!

[{"selector":"#anim-11e1a249-e486-4b55-958c-604abbe70152 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate(-1.497294059146526%, 0%) scale(1.5)","translate(0%, 0%) scale(1)"]},"delay":0,"duration":8000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}]