Advice Request How to defend against Stegosploit?


Nightwalker

Phones aren't vulnerable to this kind of "attack" and neither is your Windows, this is just fearmongering crap at its finest.

Don't worry, you have Cruel Comodo anyway, right?


Reference:


Don't believe the hype about exploits, fileless malware and all the stupid doom made about it.
 

camo7782

Thread author
Phones aren't vulnerable to this kind of "attack" and neither is your Windows, this is just fearmongering crap at its finest.

Well, it is what investigation agencies use; that I know of, only Apple phones are safe. But perhaps there is something we can do on Windows machines, since Android is 100% vulnerable to this. You can download a sample and test it if you think you are safe.
 

Nightwalker

Well, it is what investigation agencies use; that I know of, only Apple phones are safe. But perhaps there is something we can do on Windows machines, since Android is 100% vulnerable to this. You can download a sample and test it if you think you are safe.

I don't think I am safe; I am actually safe.

I am not a target for state actors and neither are you; I doubt that the NSA and similar sponsored organizations would waste a zero-day exploit on us.

About Android, where did you read about Stegosploit and 100% vulnerability? This doesn't make any sense; Android Pie (with security patches) is a bit less secure than iOS 12, but it isn't Swiss cheese, especially if Google Play Store/Protect are used combined with user awareness (app permissions/sandbox).
 

AriDfoix

It seems that at 0:44 it is using PowerShell, so I think NoVirusThanks SysHardener may be one solution; another solution may be a default-deny policy. I think those payloads on Windows work more or less using some common points. Not sure about this anyway.

Those payloads usually use common entry points; sometimes a good malware author pushes a new one using a 0-day, but I think that is hard.
 

Nightwalker

It seems that at 0:44 it is using PowerShell, so I think NoVirusThanks SysHardener may be one solution; another solution may be a default-deny policy. I think those payloads on Windows work more or less using some common points. Not sure about this anyway.

No, Stegosploit (not an exploit anyway) doesn't have anything to do with PowerShell per se; it is just a technique to hide code inside images, but you still need the exploit (browser-oriented specifically) to make everything work.
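
Added example, not part of any post in this thread: since the last reply describes Stegosploit as code hidden inside images, one container-level check a defender can run on stored or uploaded images is to flag bytes after the image's end marker and HTML markup inside the file. The marker list and sample bytes are constructed assumptions, and the check does not detect data encoded in pixel values.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
JPEG_SOI = b"\xff\xd8\xff"
# Markup with no reason to appear in a genuine image file (assumed list).
MARKERS = (b"<script", b"<html", b"<body", b"<iframe")

def png_trailing_bytes(data: bytes):
    """Walk PNG chunks; return bytes found after IEND, or None if IEND is missing."""
    pos = len(PNG_SIG)
    while pos + 12 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        pos += 12 + length  # length field + type + chunk data + CRC
        if ctype == b"IEND":
            return max(len(data) - pos, 0)
    return None

def inspect_image(data: bytes) -> list[str]:
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = []
    if data.startswith(PNG_SIG):
        extra = png_trailing_bytes(data)
        if extra is None:
            findings.append("malformed-png")
        elif extra:
            findings.append(f"trailing-data:{extra}")
    elif data.startswith(JPEG_SOI):
        end = data.rfind(b"\xff\xd9")  # last end-of-image marker in the file
        if end == -1:
            findings.append("malformed-jpeg")
        elif end + 2 < len(data):
            findings.append(f"trailing-data:{len(data) - end - 2}")
    else:
        return ["not-png-or-jpeg"]
    lowered = data.lower()  # case-insensitive scan of the raw bytes
    findings += [f"markup:{m.decode()}" for m in MARKERS if m in lowered]
    return findings

def _chunk(ctype: bytes, body: bytes) -> bytes:
    crc = zlib.crc32(ctype + body)
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)

# Constructed samples: a minimal 1x1 PNG, and the same file with markup appended.
CLEAN_PNG = (PNG_SIG
             + _chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0))
             + _chunk(b"IDAT", zlib.compress(b"\x00\x00"))
             + _chunk(b"IEND", b""))
TAMPERED_PNG = CLEAN_PNG + b"<html><script>/* constructed placeholder */</script>"
```

A finding is a reason to quarantine or re-encode the file, not proof of malicious content; re-encoding through an image library discards trailing bytes and non-image segments.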
 
