Malware in redistributed James Webb Space telescope images – but we use JWST images here at Smart Thinking!

Here is a story that shows you always have to keep your guard up when dealing with cyber-security, as the threat landscape is constantly changing and the threat actors will always choose vectors that are in the news.

This particular attack comes right back here to Smart Thinking – malware embedded into redistributed images from the James Webb Space Telescope.

Hackers hide malware in James Webb telescope images (bleepingcomputer.com)

The attack is a combination of an email phishing campaign, with some social engineering to get you to access the malicious document s and space images – and has been named ‘GO#WEBBFUSCATOR’. The attack was discovered by researchers at Securonix and they found it is written in Golang, a cross-platform (Windows, Linux, Mac) programming language, cyber criminals are using more frequently as it offers increased resistance to reverse engineering and analysis.

The infected image is of the galaxy cluster SMACS 0723, published by NASA in July 2022. That’s what you see if you open it in an image viewer but open it in a text editor and a Base64 encoded malicious payload is revealed.

The Bleeping Computers article describes the details of the attack process.

I regularly feature Nasa projects in my “Because It’s Friday” feature – a feature that developed as this website cannot just be cybersecurity doom and gloom. The topics jump around and cover such things as artificial intelligence, flying cars, funnier technology stories and of course space – I am a child of the ’60, I watched Neil Armstrong step off onto the moon.

Let me say that I only source my images from the official NASA James Webb Space Telescope website – mainly because I always want to credit the images I use (that is my ex-professional photographer side coming out), not so much for the cyber security concerns. Now of course my thinking may be different.

Your takeaway from this story – read the first paragraph, above, again and always read “Because It’s Friday”!

Clive Catton MSc (Cyber Security) – by-line and other articles

p.s.

Before I wrote this blog past, I had already scheduled this week’s “Because It’s Friday” post – of course it features an image from the James Webb Space Telescope! Sourced directly from NASA and credited to their people.

Do you want your team to recognise phishing emails and social engineering attacks?

Have a looking at our cybersecurity training site over at CyberAwake:

CyberAwake | Cyber Security Experts and Awareness in Lincoln

cyberawake

Further Reading

James Webb Space Telescope at Smart Thinking Solutions

Because It’s Friday at Smart Thinking Solutions

james webb space telescope 200