Stegosploit – A Technique that can Hack your PC Using Just an Image!

  • 2
    Shares

By merely looking at an image in your browser, you can infect your PC with a malware. Know how from the following post.

This_picture_may_hack_your_computer

Thanks to a technique called Stegosploit, a hacker can infect your system by simply making you load an image on the Internet. You don’t even have to click or download the image.

What is Stegosploit?
Stegosploit is a technique developed by Security researcher Saumil Shah. The researcher presented it at Hack in the Box Conference recently held in Amsterdam. Using this technique, hackers can embed a malicious code inside the pixels [a pixel is a single point in a graphic image] of an image. And once a user loads this image on their browser, the malware will get downloaded automatically. Pictures that carry such codes do not look any different from other images. This technique works for both JPEG and PNG images.

How was Stegosploit developed?
Shah was able to develop this technique using steganography – a primitive technique used since 1499 to transmit messages in a hidden form. A popular example of this technique is writing a secret message using an invisible ink in a letter having a visible, ordinary message. As Shah defines it, “Steganography hides the message in plain sight”.

So what does this mean?
It means that you may download a nasty virus on your system simply by viewing an image on your browser, without even clicking on it or downloading it.

Who are at risk?
The Stegosploit technique can affect Internet browsers that have unpatched security vulnerabilities.

Has Stegosploit been used in the wild?
There have been no reports which can evident the use of Stegosploit in the real world. But this does not mean that it won’t. It is also important to note that, using this technique, hackers can accomplish practically anything such as stealing the victim’s personal data, modifying files, opening a backdoor for other malware, etc.

Precautionary Measures to take
It is only a matter of time before hackers start using techniques such as Stegosploit to deliver malware. So, here are safety measures that one must take to prevent such attacks:

1. Use genuine and popular websites to view or download images.

2. Avoid clicking links in emails to view images; especially when it is from an unknown or unwanted source.

3. Keep your browsers, OS, and software patched and up-to-date.

4. Have a reliable antivirus software in your computer that blocks malicious sites, spam and infected emails.

To know more about this story from a technical point of view, please visit this link.

subscribe to blog button

Rajiv Singha

Rajiv Singha

Follow @Singha_Ra

Subscribe
Notify of
guest
93 Comments
Inline Feedbacks
View all comments
sourav bhakat
sourav bhakat
5 years ago

i luv quick heal

Mirza Naveed Baig
Mirza Naveed Baig
5 years ago

Thanks for inform.

Indrasis
Indrasis
5 years ago

I’ve quickheal pro 16:00. Am I protected or not ?

neeraj
neeraj
5 years ago

hE hE hE
Ekdum SuNdAr Haabe…!

Avinash Shukla
Avinash Shukla
5 years ago

I wish to share this on my facebook page. Please notify if this can be done freely or if there are any conditions, please let me know.

Rahul Thadani
5 years ago
Reply to  Avinash Shukla

Hi Avinash,

You can go ahead and share this on Facebook freely.

Regards.

Avinash Shukla
Avinash Shukla
5 years ago

I wish to share this on my facebook page. Please give permission to do so or if there are any conditions please give them too.

s.m.saxena
s.m.saxena
5 years ago
Reply to  Rajib Singha

good workmanship

Chanolian Satheendran
Chanolian Satheendran
5 years ago

THANKS FOR THIS VALUABLE INFORMATION. I JUST LOVE TO HEAR FROM QUICK HEAL ABOUT THE RECENT DEVELOPMENT.

Bhupendra
Bhupendra
5 years ago

Thank’s for Information.

Bhupendra
Bhupendra
5 years ago

Thank’s for Info.

sajal
sajal
5 years ago

A 14th century technology can be so powerfullly harmful is a real eye opener. Loads of thanks for keeping us informed & on our toes.

stephen
stephen
5 years ago

thanks for the great information

vaibhav
vaibhav
5 years ago

Thanks quick heal

dharmveer
dharmveer
5 years ago

thanks for info

Amit Roy
Amit Roy
5 years ago

Thank,s for info

Thanxx Qick Heal
Thanxx Qick Heal
5 years ago

I have purchased Quick Heal recently but my problem is not yet solved by quick heal from my computer…i am unable to use any external hard disk through my computer

Bhupendra Joshi
Bhupendra Joshi
5 years ago

Very useful. Thanks for information

Nirmal Parekh
Nirmal Parekh
5 years ago

Thanks Quickheal for the updates.

Manav
Manav
5 years ago

Can I tweet this on twitter?

Prakash
Prakash
5 years ago

Usefull information. Thanks

Ruchi Desai
Ruchi Desai
5 years ago

Thanks For sharing information.

pranveer singh
pranveer singh
5 years ago

Thanks !

Rishi
Rishi
5 years ago

Thanks for the message

Santosh Kewat
Santosh Kewat
5 years ago

Dear Sir,

Will you please help me to remove Recycler Virus because as I think Quick Heal Total Security x64 not working on my Windows 8.1 Enterprises x64 machine.

But Quick Heal Hides that folder which is Created by the Recycler Virus Like System Information folder which will become visible if we are uninstalling quich heal or browsing our folder via some other software’s like File Zilla FTP Software even if QHTS already on your machine.

Manohar Gajpalla
Manohar Gajpalla
5 years ago

Thanks Quick Heal Team for safety bulletins. I feel safe with U.

Subhra Kanti
Subhra Kanti
5 years ago

thanks for suggestion

Nitish
Nitish
5 years ago

Many thanks QuickHeal for this new info which you sent real QUICK !

Please can you try to get rid of all sorts of HACKERS from the INTERNET ?

If yes, then CONGRATES. If No, then Why ?

Regards

Shibu John
Shibu John
5 years ago

Absolutely eye opening info. Hats off to Quick Heal Engineers.

Arunava Chakrabarty
Arunava Chakrabarty
5 years ago

thank you for informing…

Shailendra Chari
Shailendra Chari
5 years ago

This seems to be really dangerous. Can Quick Heal detect it and stop it from harming my PC. Please also tell me how to check if any website or e-mail message is safe to open and download.

Jason Silva
Jason Silva
5 years ago

Singha,
Why you are promoting users to click on that FB page?
Th page is looking like phishing age, not really looking original. Sorry, but I told what I think.
I would like to share it on FB but I will share the link.

biswa
biswa
5 years ago

I just want to download a free tally erp 9… i thought i am downloading tally, after 7 % downloading, i got suspicious about this software (tally). i suddenly stopped using task manager, because there is no options for close and abort the software installations. after that i have to remove so many software from control panel becoz suddenly a few unknown and unrequited software installed automatically. after that my google crone getting problem with crashed. while also i play chess in chess.com… a new tab open automatically and redirect to another page. after that i thought i should have… Read more »

Shaheena Sheikh
Shaheena Sheikh
5 years ago

I had already subscribed Quick Heal Total Security both in my laptop and my PC. I really safe…

R hemmadi
R hemmadi
5 years ago

Does quickheal has safety against these images?

Anant
Anant
5 years ago

Sometimes, I am unable to update guardian antiVirus software online. Though, i have submitted system report to support team, problem not solved till date.

Anant
Anant
5 years ago

I am unable to update my guardian antivirus. Though i have submitted system report to support team, problem not solved till date.

dj omdas
dj omdas
5 years ago

thanks quick heal

meet hirani
meet hirani
5 years ago

quick heal is make seedy my pc so i very like quick heal

Avinash
Avinash
5 years ago

i luv quick heal

K K Reddy
K K Reddy
5 years ago

Yeomen service from QH. Thank you

Manish
Manish
5 years ago

We have quick heal internet security, will it work?

Rahul Thadani
5 years ago
Reply to  Manish

Hi Manish,

Yes, Quick Heal Internet Security will work in this scenario.

Regards.

MAYURESH K KULKARNI
MAYURESH K KULKARNI
5 years ago

Thanks a lot for giving such valuable information!!!!!
Sir, actually I have some query that I have installed quick heal on my mini laptop. Instead I went through once malware scan and it showed me there are malwares(adwares) on my computer system. So how is this possible? Also, if I clicked on the clean option will my affected files be safe? There is option set restore point before cleaning should I use this?
Please guide me sir.
THANKS.

Rahul Thadani
5 years ago

Hi Mayuresh,

Thank you for writing in. Please rest assured that Quick Heal is protecting your system from all types of infections. We request you to get in touch with our Support Team so that they can help you solve this issue:

1. You can submit your query at https://bit.ly/Askus. The team will get back to you with a solution.
2. You can also contact them at 0-927-22-33-000.
3. Alternatively, you can chat with our engineers by visiting this link >> https://bit.ly/QHSupport >> Chat with Us

Regards.

M.J.Basha
M.J.Basha
5 years ago

Quickheal Xlent working Tnqu Quickheal Teem….

asok mukherjee
asok mukherjee
5 years ago

thanks, I have quickheal.

D Doshi
D Doshi
5 years ago

Quickheal The Best.
Thanks for informing about this Virus 🙂

JONY MALIK
JONY MALIK
5 years ago

THANK YOU SIR
FOR SHARING INFORMATION AMONG THE PEOPLE..

ManasH SaikiA
ManasH SaikiA
5 years ago

I have Quick Heal Total Security 2015 PRO. I hope i will get protect….

Rahul Thadani
5 years ago
Reply to  ManasH SaikiA

Hi Manash,

Yes, with Quick Heal Total Security you are secured against this threat.

Regards.

Anop rajpurohit
Anop rajpurohit
5 years ago

wander ful

santoshkumar shukla
santoshkumar shukla
5 years ago

thanks for information….thanks quick heal team.

vrajesh soni
vrajesh soni
5 years ago

i have quick heal total security.i hope i will protect.am i safe or not with quick heal total security?

Rahul Thadani
5 years ago
Reply to  vrajesh soni

Hi Vrajesh,

Yes, your system is safe against this with Quick Heal Total Security.

Regards.

siva
siva
5 years ago

I downloaded old version antivirus 14.00 version but I could not upgrade to 2015 version so how can I update without downloading I am using old version

93
0
Would love your thoughts, please comment.x
()
x