"PNG Image Metadata Leading to iFrame Injections"

Venustus · Feb 5, 2014

Researchers have discovered a relatively new way to distribute malware that relies on reading JavaScript code stored in an obfuscated PNG file’s metadata to trigger iFrame injections.

More here:
http://threatpost.com/png-image-metadata-leading-to-iframe-injections/104047

Deleted member 178 · Feb 5, 2014

my advice: do like me , uninstall Java

viktik · Feb 5, 2014

i don't install java runtimes.
Most people don't need java runtime. Such a huge security risk.

Venustus · Feb 5, 2014

Same here, no Java on any of my machines!

Prorootect · Feb 6, 2014

Hey, folks! JavaScript it's not this same than JAVA!
I don't have JAVA, my too of course.

- My JavaScript works here, if I wish!

Look too (why not..) on the topic:

Remove Exif online - Free online image analysis : http://malwaretips.com/threads/remove-exif-online-free-online-image-analysis.14412/

Ramblin · Feb 6, 2014

Ramblin

illumination · Feb 6, 2014

bo.elam said:
You got that right Pro. Lots of people get them confused.

To protect yourself against malicious javascript/IFRAMES, start using Firefox with NoScript, even better if you run Firefox sandboxed (Sandboxie).

Bo

Noscript will do it, but one must remember that by default, iframes is not ticked on to block in Noscript, you have to manually go into settings to do so.. Excellent extension it is though, the best you can get in my opinion.

Search

"PNG Image Metadata Leading to iFrame Injections"

Venustus

Level 59

Deleted member 178

viktik

Level 25

Venustus

Level 59

Prorootect

Level 69

Ramblin

Level 3

illumination

Similar threads