Quote:Attackers behind a new malicious campaign are using WAV audio files to hide and drop backdoors and Monero cryptominers on their targets' systems as BlackBerry Cylance threat researchers discovered.
While various other malware peddlers were previously observed injecting payloads in JPEG or PNG image files [1, 2, 3] with the help of steganography, a well-known technique used to evade anti-malware detection, this is only the second time threat actors were seen abusing audio files for their malicious purposes.
Recently, Cylance found that the same steganography method was employed to infect targeted devices with XMRig Monero cryptominers or Metasploit code designed to establish a reverse shell.
"Each WAV file was coupled with a loader component for decoding and executing malicious content secretly woven throughout the file’s audio data," says the report. "When played, some of the WAV files produced music that had no discernible quality issues or glitches. Others simply generated static (white noise)."
Read more here: https://www.bleepingcomputer.com/news/se...dio-files/
![[-]](https://www.geeks.fyi/images/collapse.png)
