Innocent-Looking GIFs Host Malware Attacks

Hackers have begun circulating a PHP exploit embedding it in a seemingly harmless GIF image, according to security researchers.

The exploit was discovered in at least one GIF on a major image-hosting website, according to a bulletin from the SANS Institute's Internet Storm Center (ISC) on Tuesday.

"It's interesting and scary to find a file that acts like a regular GIF file, but contains a script exploit," said SANS ISC handler Lorna Hutcheson in the bulletin.

The exploit, coded in PHP script, could be a dangerous new development, Hutcheson said.

"Interestingly enough, the file itself contains a completely legitimate 1x1 gif image at the beginning of the file," she wrote. "It is a clever way to pass exploit code to others without it setting off alarms or attracting attention all while bypassing network security tools."

She also suggested the technique could be used to create a Remote File Inclusion attack, an attack that lets hackers run their own malicious code on an otherwise harmless website.

Join the Discussion
You are using an outdated version of Internet Explorer. Please click here to upgrade your browser in order to comment.
blog comments powered by Disqus
 
You Might Also Like...
See It, Share It
Lisa Kudrow
Seth Poppel/Yearbook Library | Getty Images
PHOTO: Salvager Eric Schmitt was combing through the wreckage of a convoy of Spanish ships that sank off the coast of Florida in 1715 when he discovered a missing piece from a gold Pyx.
Courtesy 1715 Fleet - Queens Jewels, LLC
PHOTO: Motorists were startled when an axe from a dump truck in front of them flew at their windshield.
Massachusetts State Police/Facebook