Hackers Use Malware to Steal Photos, Blackmail Users

Trend Micro researchers have analyzed an image file-stealing threat

[Image: Files stored on TSPY_PIXSTEAL.A's FTP server]

Experts have identified an interesting piece of malware whose main goal is to steal all the picture files from an infected computer and upload them to a remote FTP server.

The picture files we store on our computers often hold valuable information. Whether it’s work-related stuff, documents containing personal information, or those pictures stored in hidden folders we hope no one will ever see, any of them could represent highly valuable loot for cybercriminals.

.JPG, .JPEG, and .DMP files can contain information the crooks can use for identity theft, blackmail or targeted attacks. This is probably why the main goal of the TSPY_PIXSTEAL.A malware identified by Trend Micro is to swipe these types of files from infected computers.

TSPY_PIXSTEAL.A scans the affected machine for the aforementioned files and copies them all into its own directory.

When this task is complete, it connects to an FTP server and uploads the first 20,000 files.
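
The stage-then-upload sequence described above can be hunted for in endpoint telemetry. The following is an added example, not code from Trend Micro's analysis: it flags a process that copies many .JPG/.JPEG/.DMP files into a single directory and afterwards opens an outbound FTP connection. The event format, PIDs, paths, addresses and threshold are assumptions made for illustration.

```python
from collections import defaultdict
from pathlib import PureWindowsPath

TARGET_EXTS = {".jpg", ".jpeg", ".dmp"}  # file types named in the article
FTP_PORT = 21
COPY_THRESHOLD = 5  # assumption: low so the small sample triggers; tune per environment

# Constructed sample telemetry, not real logs: (time, pid, event, detail)
_EXTS = [".JPG", ".jpeg", ".dmp"]
SAMPLE_EVENTS = (
    # pid 4120: stages six matching files in one directory, then opens FTP
    [(t, 4120, "file_copy", (rf"C:\Users\a\Pictures\f{t}{_EXTS[t % 3]}",
                             rf"C:\stage\f{t}{_EXTS[t % 3]}")) for t in range(6)]
    + [(6, 4120, "file_copy", (r"C:\Users\a\notes.txt", r"C:\stage\notes.txt")),
       (7, 4120, "net_connect", ("203.0.113.10", 21)),
       # pid 2208: copies two photos to a backup folder, never uses FTP
       (2, 2208, "file_copy", (r"C:\Users\a\a.jpg", r"D:\backup\a.jpg")),
       (3, 2208, "file_copy", (r"C:\Users\a\b.jpg", r"D:\backup\b.jpg")),
       # pid 3300: FTP client that copied a single dump file
       (4, 3300, "file_copy", (r"C:\crash.dmp", r"C:\temp\crash.dmp")),
       (8, 3300, "net_connect", ("198.51.100.7", 21))]
)

def find_staging_then_ftp(events, threshold=COPY_THRESHOLD):
    """Alert on a process that gathers >= threshold target-type files into one
    directory and only afterwards opens an FTP control connection."""
    staged = defaultdict(lambda: defaultdict(set))  # pid -> staging dir -> sources
    alerts, alerted = [], set()
    for ts, pid, kind, detail in sorted(events, key=lambda e: e[0]):
        if kind == "file_copy":
            src, dst = detail
            if PureWindowsPath(src).suffix.lower() in TARGET_EXTS:
                dest_dir = str(PureWindowsPath(dst).parent).lower()
                staged[pid][dest_dir].add(src.lower())
        elif kind == "net_connect" and detail[1] == FTP_PORT and pid not in alerted:
            for dest_dir, sources in staged[pid].items():
                if len(sources) >= threshold:
                    alerts.append({"pid": pid, "time": ts, "staging_dir": dest_dir,
                                   "files": len(sources), "remote": detail[0]})
                    alerted.add(pid)
                    break
    return alerts

if __name__ == "__main__":
    for alert in find_staging_then_ftp(SAMPLE_EVENTS):
        print(alert)
```

In production the threshold would be set well above normal backup or photo-import activity, and an allowlist of known FTP clients would reduce noise.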

“Securing data — including files such as images — is every user’s responsibility. Part of that responsibility, of course, is to prevent being infected by malware,” Trend Micro’s Threat Response Engineer Raymart Paraiso advised.
