Techly NewsGet the app

Get the latest tech news

Ars Technica used in malware campaign with never-before-seen obfuscation — Buried in URL was a string of characters that appeared to be random, but were actually a payload


Vimeo also used by legitimate user who posted booby-trapped content.

Ars Technica was recently used to serve second-stage malware in a campaign that used a never-before-seen attack chain to cleverly cover its tracks, researchers from security firm Mandiant reported Tuesday. A benign image of a pizza was uploaded to a third-party website and was then linked with a URL pasted into the “about” page of a registered Ars user. Opening the same file in a hex editor—a tool for analyzing and forensically investigating binary files—showed that a combination of tabs, spaces, and new lines were arranged in a way that encoded executable code.

Get the Android app

Or read this on r/technology

Read more on:

Photo of string

string

Photo of characters

characters

Photo of Ars Technica

Ars Technica

Related news:

News photo

Japan Makes First Moon Landing With Precision Space Probe

News photo

Final Fantasy 16's first DLC opens that one mysterious door - and its characters minds

News photo

Baldur's Gate 3 characters were once "very old" and "ugly"

« YouTube TV listened to sports fans, and it’s fixing multiview’s biggest problem
EA CEO shares his thoughts on a sports metaverse »