Advice Request How to defend against Stegosploit?

camo7782 · Jun 8, 2019

Any idea, test or direct experience of methods that actually works to protect PC and phones from this kind of attack?

How to Hack a Computer Using Just An Image

Stegosploit: Hack a Computer Using Just An Image

thehackernews.com

Nightwalker · Jun 8, 2019

Phones arent vulnerable to this kind of "attack" and neither is your Windows, this is just fearmongering crappy at its finest.

Dont worry, you have Cruel Comodo anyway right?

Reference:

Introducing Elastic Endpoint Security

www.endgame.com

Dont believe the hype about exploits, fileless malwares and all the stupid doom made about it.

Ink · Jun 8, 2019

You don't. Nothing is going to happen. You are not a target.

camo7782 · Jun 8, 2019

Nightwalker said:
Phones arent vulnerable to this kind of "attack" and neither is your Windows, this is just fearmongering crappy at its finest.

Well it is what investigation agencies use, that I know of only Apple Phones are safe. But perhaps there is something we can do on windows machines since Android is 100% vulnerable to this. You can download a sample and test it if you think you are safe.

Nightwalker · Jun 8, 2019

camo7782 said:
Well it is what investigation agencies use, that I know of only Apple Phones are safe. But perhaps there is something we can do on windows machines since Android is 100% vulnerable to this. You can download a sample and test it if you think you are safe.

I dont think I am safe, I am actually safe.

I am not a target for state actors and neither are you, I doubt that NSA and similar sponsored organizations would waste a zero-day exploit with us.

About Android, where you read about Stegosploit and 100 % vulnerability? This doesnt make any sense, Android Pie (with security patches) is a bit less secure than iOS 12 but it isnt a swiss cheese, especially if Google Play Store/Protect are used combined with user awareness (apps permission/sandbox).

AriDfoix · Jun 8, 2019

Seems at 0:44 is using PowerShell, so I think NoVirusThanks SysHardener maybe one solution, another sollution maybe a default/deny policy, I think those payloads on Windows works more or less using some common points. Not sure about this anyway.

Those payloads usually them use common entry points, sometime someone good malware author push new one using 0day, but i think is hard.

Nightwalker · Jun 8, 2019

AriDfoix said:
Seems at 0:44 is using PowerShell, so I think NoVirusThanks SysHardener maybe one solution, another sollution maybe a default/deny policy, I think those payloads on Windows works more or less using some common points. Not sure about this anyway.

No, Stegosploit (not a exploit anyway) doesnt have anything with PowerShell per se, it is just a technique to hide code inside images, but you still need the exploit (browser oriented specifically) to make everything works.

Search

Advice Request How to defend against Stegosploit?

camo7782

Level 4

How to Hack a Computer Using Just An Image

Nightwalker

Level 24

Introducing Elastic Endpoint Security

Ink

Administrator

camo7782

Level 4

Nightwalker

Level 24

AriDfoix

Level 3

Nightwalker

Level 24

Similar threads