December 10, 2024

Valley Post

Read Latest News on Sports, Business, Entertainment, Blogs and Opinions from leading columnists.

Hackers have discovered a new way to use emojis in their cyber attacks

Hackers have discovered a new way to use emojis in their cyber attacks

Emojis have become very popular in recent years as a way to quickly express thoughts and feelings. However, hackers have now come up with a clever new way to use it in their attacks.

as mentioned Internet newsA group of hackers has found a way to modify the popular messaging service Discord for use in Command and Control (C2). Hackers using Discord in their attacks is nothing new, but it is a Report from cybersecurity company Volexity It highlights how this group uses the service as well as a series of popular emojis.

Earlier this year, The Government of India was attacked by a Linux malware called Digomoji. The hackers behind the malware appear to be from Pakistan and have used the C2 communication emoji in several successful espionage campaigns.

How does Degomoji work?

To get initial access, Researchers believe the responsible hackers used phishing attacks and malicious documents as bait. But once the Digomoji malware is installed on a vulnerable system, it creates a dedicated channel on the Discord server so that each victim has their own separate channel.

then, Disgomoji sends a check-in message back to the hackers containing the target device’s IP address, username, hostname, operating system, and current working directory. To make matters worse, The malware persists and remains on the infected system even after a reboot.

Although we don’t need to worry about this specific strain of malware just yet, the way the hackers behind this campaign are using emojis to speed up their malicious activities is very interesting and could be a tactic we see threats from other actors imitating in the future.

See also  Planetary Defense Test: On Monday night, DART will collide with asteroids

com. emojis
Source unsplash.com / Domingo Alvarez E

ΞΌΞ΅ emoji hack

Instead of typing long strings of commands, Hackers who deployed Disgomoji on a targeted system could use the emoji to communicate malware. They send an emoji to the target’s Discord channel and the malware does the rest. However, Disgomoji uses clock emoji to let hackers know that a command has been processed and shows a β€œmark button” emoji when the command is executed successfully

Check out the Volexity table which contains some other emojis used to communicate malware:

Emoji Emoji name very
πŸƒβ€β™‚οΈ Man running Executing a command on the victim’s device
πŸ“Έ Camera with flash It takes a screenshot of the victim’s screen and uploads it to the command channel.
πŸ‘‡ Pointing down Download files from the victim’s device and upload them to the command channel as file attachments
☝️ Pointing up Download a file on the victim’s device
πŸ‘‰ Pointing to the right Upload a file from the victim’s device to a remote file storage service
πŸ‘ˆ Pointing to the left Uploading a file from the victim’s device to a different remote file sharing service.
πŸ”₯ fire It searches for all files matching a pre-defined list of extensions on the victim’s device and sends them
🦊 Fox Extract all Firefox profiles from the victim’s device
πŸ’€ Skull End the malware process

Discord is also unable to disable Disgomoji operations because once a malicious server is blocked, the malware is able to recover by updating its credentials from a C2 server controlled by the hackers.

the Malware also has additional features to perform its tasks, Which includes scanning the victim’s network, network tunneling, and accessing a file sharing service to download and host the stolen data. Surprisingly, Disgomoji can also pretend to be a Firefox update and can even ask victims to manually type in their passwords.

See also  The new GeForce RTX 4070 Megalodon from ASUS gets power only from the motherboard - Asus

How to stay safe

Although this particular strain of malware probably won’t be used to target consumers anytime soon, you should be wary of hackers if you don’t want your bank account emptied or your identity stolen.

The easiest and simplest way to protect yourself from hackers is to use updated software. This is because hackers like to target users who are using outdated software that still contains unpatched security vulnerabilities. Although it may be annoying, taking the time to install a new operating system or update Chrome can save you from falling victim to hackers.

from now on, You need to make sure that you are using the best security software From viruses on your Windows PC, best antivirus software on Mac, and one of the best antivirus apps for Android on your smartphone.

At the same time, You should be more careful when checking your inbox or messages to avoid phishing attacks. Be wary of emails or messages from unknown senders, avoid downloading any files or attachments, and do not click on any links they contain. You should also avoid letting your emotions control you. Hackers often try to instill a sense of urgency in you to make you act quickly and not think things through.

Hackers are always finding clever new ways to reuse popular tools, programs, and services, and now it seems they’ve managed to do exactly the same thing with emojis.

source: FOXreport.gr