Malicious GIF image conceals attack

Hackers have begun circulating an open source programming language exploit by embedding it in a seemingly harmless image, according to security researchers.

Share

Hackers have begun circulating an open source programming language exploit by embedding it in a seemingly harmless image, according to security researchers.

The exploit was discovered in at least one GIF format image on a major picture hosting website, according to a bulletin from security research and education organisation the SANS Institute.

"It's interesting and scary to find a file that acts like a regular GIF file, but contains a script exploit," wrote Lorna Hutcheson, a researcher at SANS Institute’s security analysis arm, the Internet Storm Centre.

The exploit, coded in hypertext processor (PHP) open source programming code, could be a dangerous new development according to Hutcheson.

"Interestingly enough, the file itself contains a completely legitimate GIF image at the beginning of the file," she wrote. "It is a clever way to pass exploit code to others without it setting off alarms or attracting attention all while bypassing network security tools."

She also suggested the technique could be used to create a Remote File Inclusion attack, where hackers run their own malicious code on an otherwise harmless website.

Find your next job with computerworld UK jobs