Hackers attack using pornography

Sina Technology News several anti-virus companies and Internet security organizations has issued safety warnings, malicious hackers have begun to spread Presence network news group "JPEG loopholes" in the pornographic images, this is the first time reports that hackers began Use "JPEG loophole" attacks on the public. "JPEG vulnerability" Microsoft United States for 9 published on 14 of a security vulnerability, there is the problem if a user downloaded a JPEG image, it could lead to computer Shangpianzhuang Yuan Cheng control software, Conger malicious hacker also Huode of Mubiaozhuji remote control.

Hackers will be there "JPEG vulnerability" of pornographic images posted on various Internet news groups, mainly because usually a lot of network users through network news group to share pornographic images. According to network security forum Bugtraq and Easynews.com published information, hackers in Beijing on September 28 in the news group posted a similar "alt.binaries.erotica.breasts" pictures, some of which hackers use e-mail address is Power -Poster @ power-post.org.

ISC (Internet Storm Center), chief technology officer Jonas - Ullrich (Johannes Ullrich) said that difficult problems of image information in the group with a distinction between the normal picture, but these pictures have included the use of "JPEG loopholes "in the code. Hackers use "JPEG vulnerability" approach was just released last weekend's "JPEG of Death", but on a small range of revision. The same way as with the other use, "JPEG of Death" is also a JPEG file format through the GDI + JPEG decoder cause a buffer overflow. GDI + JPEG decoder is a common Windows component, is widely used Windows operating system, IE browser, Outlook and other Windows software.

When the user opens a JPEG image, the existence of the problem, the computer system will automatically install the remote control program Radmin, a hacker can the process as "Trojan horse" to Huode right of the target host remote control Right. In addition, the infected "Trojan horse" of the host will automatically send the report to the IRC channel. Ulrich said that this attack method works only on computers using the Windows XP operating system effective.

ISC and antivirus companies to remind customers, from a technical perspective, there is "JPEG" image holes, and will not spread like a virus, but the hacker can use to modify the code so that it automatically downloaded with the ability to send e-mail virus engine, thus speeding up the spread. Security experts fear that the existence of the GDI + JPEG flaw as "Sasser" virus spread as leading to the Internet again. Because through "JPEG" vulnerability could gain unauthorized access to the target host on the IE browser, Outlook e-mail program and the Office and other applications, it is very attractive to malicious hackers.