Last week, a software company that develops antivirus programs reported the discovery of malicious code hidden in WAV audio files using a technique known as "steganography," in which hackers hide malicious code in ordinary-looking files. The report notes that when played, some of the WAV files produced music with no discernible quality issues, while others simply generated static. The malicious WAV files enable hackers to steal processing resources from unwitting users and use them to mine cryptocurrency. The report goes on to explain the three methods the WAV file loaders employ to decode and execute the malicious code, and provides in-depth technical details on the WAV file loaders and indicators of compromise (IOCs), including malware sample hashes and C2 infrastructure.
For more information, please refer to the following links:
- Malicious Payloads – Hiding Beneath the WAV
- Hackers Use Malicious Code in WAV Audio Files To Mine Cryptocurrencies
- Spams meet Cryptocurrencies: Sextortion in the Bitcoin Ecosystem