Security researchers have identified a new malware strand that steals image files from computers and sends them to a remote server
The program, detected under the name TSPY_PIXSTEAL.A (Pixsteal-A), is a Trojan that opens all .jpg and .jpeg image files, as well as .dmp memory dump files, and delivers copies of the first 20,000 to the FTP server being used by the cyber criminals behind the malware. It is currently only operational on Windows computers, according to Trend Micro's threat response engineer Raymart Paraiso.
"Though it appears tedious, the potential gain for cybercriminals should they be successful in stealing information is high. Users typically rely on photos for storing information, both personal and work-related, so the risk of information leakage is very high," he said in a blog post.
The collected images could potentially be used for identity theft, blackmail or to tailor future targeted attacks on individuals or corporations, Paraiso added.
Rik Ferguson, director of security research and communications told IT Pro: "[I believe] this is the first malware that has particularly focused on such a limited set of file types. In some of the nation state sponsored attacks, stealing photographs is of interest ... but if we are talking about the commercial, cybercriminal, widespread side of things ... then this does represent a shift."
Ferguson claims it is possible we will see more of this type of malware, but it will depend on how successfully Pixsteal-A can be monetised.
"There was a report recently on BBC Newsbeat that said self-generated intimate photos were being stolen and used on porn sites. So there is one obvious way that this kind of activity could bring an income for criminals, but whether it becomes more widely adopted and more widespread depends on how successful [this one is at generating revenue]," Ferguson concluded.
Get the ITPro. daily newsletter
Jane McCallion is ITPro's deputy editor, specializing in cloud computing, cyber security, data centers and enterprise IT infrastructure. Before becoming Deputy Editor, she held the role of Features Editor, managing a pool of freelance and internal writers, while continuing to specialise in enterprise IT infrastructure, and business strategy.
Jane holds an MA in journalism from Goldsmiths, University of London, and a BA in Applied Languages from the University of Portsmouth. She is fluent in French and Spanish, and has written features in both languages.
Prior to joining ITPro, Jane was a freelance business journalist writing as both Jane McCallion and Jane Bordenave for titles such as European CEO, World Finance, and Business Excellence Magazine.
Thank you for signing up to ITPro.. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.