{"id":28718,"date":"2016-12-14T18:01:40","date_gmt":"2016-12-14T10:01:40","guid":{"rendered":"https:\/\/www.hongkiat.com\/blog\/?p=28718"},"modified":"2023-04-06T19:19:13","modified_gmt":"2023-04-06T11:19:13","slug":"steganos-malware-internet-explorer","status":"publish","type":"post","link":"https:\/\/www.hongkiat.com\/blog\/steganos-malware-internet-explorer\/","title":{"rendered":"Protect Yourself From Stegano Malware on Internet Explorer"},"content":{"rendered":"<p>Researchers have found a malicious malware, called Stegano that has <strong>targeted millions of unaware users of Internet Explorer<\/strong> through popular websites. The scariest part about this malware is that <strong>it manages to go undetected for two years before anyone manages to detect it<\/strong>.<\/p>\n<p>Stegano\u2019s attacks begin as <strong>javascript-infected ads<\/strong> for a screenshot app called <strong>\"Broxu\"<\/strong> and a privacy tool called <strong>\"Browser Defense\"<\/strong>. These ads are then pushed into larger ad networks, and later <strong>show up on major news sites<\/strong> that will eventually be visited by millions of unaware users.<\/p>\n<figure><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/assets.hongkiat.com\/uploads\/steganos-malware-internet-explorer\/01-broxu-browser-defence.jpg\" width=\"608\" height=\"250\" alt=\"broxu\"><\/figure>\n<p class=\"recommended_top\">\n\t\t\t\t\t<strong>Read Also:<\/strong>\u00a0\n\t\t\t\t\t<a target=\"_blank\" href=\"https:\/\/www.hongkiat.com\/blog\/firefox-security-plugins\/\">10 Firefox Add-ons For Safer Browsing Experience<\/a>\n\t\t\t\t<\/p>\n<p>When the infected ad shows up, Stegano scans, extracts and then runs a code that exploits an known Internet Explorer vulnerability. Once it confirms that the environment it is running in is indeed vulnerable, <strong>Stegano would load a one-pixel iframe offscreen that redirects the user to its landing page. <\/strong><\/p>\n<p>The landing page would then load a file that is capable of exploiting <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2015-8651\">three<\/a> <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=cve-2016-1019\">different<\/a> <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2016-4117\">Flash vulnerabilities<\/a>.<\/p>\n<figure><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/assets.hongkiat.com\/uploads\/steganos-malware-internet-explorer\/02-image-qr-code-alike.jpg\" width=\"980\" height=\"307\" alt=\"gif with cached data\"><\/figure>\n<p><strong>The moment Stegano knows your machine is vulnerable, it will display a special GIF file that contains cached data<\/strong>. This malware-ridden image can be identified when you zoom into it, as it contains a QR-like code that isn\u2019t particularly noticeable to the naked eye.<\/p>\n<p>Finally, it will perform one last security check that scans for any security software. <strong>If the scan fails to detect anything that could expose it, the malware would download and launch the payload, leaving the infected machines with a backdoor, keylogger, screenshot maker and a video maker<\/strong>.<\/p>\n<figure><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/assets.hongkiat.com\/uploads\/steganos-malware-internet-explorer\/03-the-chart.jpg\" width=\"912\" height=\"1024\" alt=\"chart\"><\/figure>\n<p>As Stegano relies on Internet Explorer and Flash to work, the simplest precaution is to avoid both. Researchers have also mentioned that the <strong>malware can be avoided by having fully patched software, that is, \"a reliable, updated internet security solution\"<\/strong>.<\/p>\n<p>Source: <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.welivesecurity.com\/2016\/12\/06\/readers-popular-websites-targeted-stealthy-stegano-exploit-kit-hiding-pixels-malicious-ads\/\">ESET <\/a><\/p>\n<p class=\"recommended_top\">\n\t\t\t\t\t<strong>Read Also:<\/strong>\u00a0\n\t\t\t\t\t<a target=\"_blank\" href=\"https:\/\/www.hongkiat.com\/blog\/keeping-online-data-safe\/\">How You Are Helping Hackers Steal Your Data<\/a>\n\t\t\t\t<\/p>","protected":false},"excerpt":{"rendered":"<p>Researchers have found a malicious malware, called Stegano that has targeted millions of unaware users of Internet Explorer through popular websites. The scariest part about this malware is that it manages to go undetected for two years before anyone manages to detect it. Stegano\u2019s attacks begin as javascript-infected ads for a screenshot app called &#8220;Broxu&#8221;&hellip;<\/p>\n","protected":false},"author":157,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3398,3976],"tags":[174,4091,4601,316],"topic":[4523,4521],"class_list":["entry-content","is-maxi"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.8 (Yoast SEO v27.6) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Protect Yourself From Stegano Malware on Internet Explorer - Hongkiat<\/title>\n<meta name=\"description\" content=\"Researchers have found a malicious malware, called Stegano that has targeted millions of unaware users of Internet Explorer through popular websites. The\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.hongkiat.com\/blog\/steganos-malware-internet-explorer\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Protect Yourself From Stegano Malware on Internet Explorer\" \/>\n<meta property=\"og:description\" content=\"Researchers have found a malicious malware, called Stegano that has targeted millions of unaware users of Internet Explorer through popular websites. The\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.hongkiat.com\/blog\/steganos-malware-internet-explorer\/\" \/>\n<meta property=\"og:site_name\" content=\"Hongkiat\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/hongkiatcom\" \/>\n<meta property=\"article:published_time\" content=\"2016-12-14T10:01:40+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-04-06T11:19:13+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/assets.hongkiat.com\/uploads\/steganos-malware-internet-explorer\/01-broxu-browser-defence.jpg\" \/>\n<meta name=\"author\" content=\"Sia\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@hongkiat\" \/>\n<meta name=\"twitter:site\" content=\"@hongkiat\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Sia\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/steganos-malware-internet-explorer\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/steganos-malware-internet-explorer\\\/\"},\"author\":{\"name\":\"Sia\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#\\\/schema\\\/person\\\/25661c0ca5beef807a38c0d038894641\"},\"headline\":\"Protect Yourself From Stegano Malware on Internet Explorer\",\"datePublished\":\"2016-12-14T10:01:40+00:00\",\"dateModified\":\"2023-04-06T11:19:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/steganos-malware-internet-explorer\\\/\"},\"wordCount\":310,\"commentCount\":6,\"publisher\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/steganos-malware-internet-explorer\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/assets.hongkiat.com\\\/uploads\\\/steganos-malware-internet-explorer\\\/01-broxu-browser-defence.jpg\",\"keywords\":[\"IE\",\"Malware\",\"Security and Privacy\",\"Web Browsers\"],\"articleSection\":[\"Internet\",\"News\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/steganos-malware-internet-explorer\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/steganos-malware-internet-explorer\\\/\",\"url\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/steganos-malware-internet-explorer\\\/\",\"name\":\"Protect Yourself From Stegano Malware on Internet Explorer - Hongkiat\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/steganos-malware-internet-explorer\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/steganos-malware-internet-explorer\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/assets.hongkiat.com\\\/uploads\\\/steganos-malware-internet-explorer\\\/01-broxu-browser-defence.jpg\",\"datePublished\":\"2016-12-14T10:01:40+00:00\",\"dateModified\":\"2023-04-06T11:19:13+00:00\",\"description\":\"Researchers have found a malicious malware, called Stegano that has targeted millions of unaware users of Internet Explorer through popular websites. The\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/steganos-malware-internet-explorer\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/steganos-malware-internet-explorer\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/steganos-malware-internet-explorer\\\/#primaryimage\",\"url\":\"https:\\\/\\\/assets.hongkiat.com\\\/uploads\\\/steganos-malware-internet-explorer\\\/01-broxu-browser-defence.jpg\",\"contentUrl\":\"https:\\\/\\\/assets.hongkiat.com\\\/uploads\\\/steganos-malware-internet-explorer\\\/01-broxu-browser-defence.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/steganos-malware-internet-explorer\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Protect Yourself From Stegano Malware on Internet Explorer\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/\",\"name\":\"Hongkiat\",\"description\":\"Tech and Design Tips\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#organization\",\"name\":\"Hongkiat.com\",\"url\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/wp-content\\\/uploads\\\/hkdc-logo-rect-yoast.jpg\",\"contentUrl\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/wp-content\\\/uploads\\\/hkdc-logo-rect-yoast.jpg\",\"width\":1200,\"height\":799,\"caption\":\"Hongkiat.com\"},\"image\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/hongkiatcom\",\"https:\\\/\\\/x.com\\\/hongkiat\",\"https:\\\/\\\/www.pinterest.com\\\/hongkiat\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#\\\/schema\\\/person\\\/25661c0ca5beef807a38c0d038894641\",\"name\":\"Sia\",\"description\":\"A tech journalist for Hongkiat.com, Sia writes reviews on new products and services in the tech industry.\",\"url\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/author\\\/sia\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Protect Yourself From Stegano Malware on Internet Explorer - Hongkiat","description":"Researchers have found a malicious malware, called Stegano that has targeted millions of unaware users of Internet Explorer through popular websites. The","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.hongkiat.com\/blog\/steganos-malware-internet-explorer\/","og_locale":"en_US","og_type":"article","og_title":"Protect Yourself From Stegano Malware on Internet Explorer","og_description":"Researchers have found a malicious malware, called Stegano that has targeted millions of unaware users of Internet Explorer through popular websites. The","og_url":"https:\/\/www.hongkiat.com\/blog\/steganos-malware-internet-explorer\/","og_site_name":"Hongkiat","article_publisher":"https:\/\/www.facebook.com\/hongkiatcom","article_published_time":"2016-12-14T10:01:40+00:00","article_modified_time":"2023-04-06T11:19:13+00:00","og_image":[{"url":"https:\/\/assets.hongkiat.com\/uploads\/steganos-malware-internet-explorer\/01-broxu-browser-defence.jpg","type":"","width":"","height":""}],"author":"Sia","twitter_card":"summary_large_image","twitter_creator":"@hongkiat","twitter_site":"@hongkiat","twitter_misc":{"Written by":"Sia","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.hongkiat.com\/blog\/steganos-malware-internet-explorer\/#article","isPartOf":{"@id":"https:\/\/www.hongkiat.com\/blog\/steganos-malware-internet-explorer\/"},"author":{"name":"Sia","@id":"https:\/\/www.hongkiat.com\/blog\/#\/schema\/person\/25661c0ca5beef807a38c0d038894641"},"headline":"Protect Yourself From Stegano Malware on Internet Explorer","datePublished":"2016-12-14T10:01:40+00:00","dateModified":"2023-04-06T11:19:13+00:00","mainEntityOfPage":{"@id":"https:\/\/www.hongkiat.com\/blog\/steganos-malware-internet-explorer\/"},"wordCount":310,"commentCount":6,"publisher":{"@id":"https:\/\/www.hongkiat.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.hongkiat.com\/blog\/steganos-malware-internet-explorer\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.hongkiat.com\/uploads\/steganos-malware-internet-explorer\/01-broxu-browser-defence.jpg","keywords":["IE","Malware","Security and Privacy","Web Browsers"],"articleSection":["Internet","News"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.hongkiat.com\/blog\/steganos-malware-internet-explorer\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.hongkiat.com\/blog\/steganos-malware-internet-explorer\/","url":"https:\/\/www.hongkiat.com\/blog\/steganos-malware-internet-explorer\/","name":"Protect Yourself From Stegano Malware on Internet Explorer - Hongkiat","isPartOf":{"@id":"https:\/\/www.hongkiat.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.hongkiat.com\/blog\/steganos-malware-internet-explorer\/#primaryimage"},"image":{"@id":"https:\/\/www.hongkiat.com\/blog\/steganos-malware-internet-explorer\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.hongkiat.com\/uploads\/steganos-malware-internet-explorer\/01-broxu-browser-defence.jpg","datePublished":"2016-12-14T10:01:40+00:00","dateModified":"2023-04-06T11:19:13+00:00","description":"Researchers have found a malicious malware, called Stegano that has targeted millions of unaware users of Internet Explorer through popular websites. The","breadcrumb":{"@id":"https:\/\/www.hongkiat.com\/blog\/steganos-malware-internet-explorer\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.hongkiat.com\/blog\/steganos-malware-internet-explorer\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.hongkiat.com\/blog\/steganos-malware-internet-explorer\/#primaryimage","url":"https:\/\/assets.hongkiat.com\/uploads\/steganos-malware-internet-explorer\/01-broxu-browser-defence.jpg","contentUrl":"https:\/\/assets.hongkiat.com\/uploads\/steganos-malware-internet-explorer\/01-broxu-browser-defence.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.hongkiat.com\/blog\/steganos-malware-internet-explorer\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.hongkiat.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Protect Yourself From Stegano Malware on Internet Explorer"}]},{"@type":"WebSite","@id":"https:\/\/www.hongkiat.com\/blog\/#website","url":"https:\/\/www.hongkiat.com\/blog\/","name":"Hongkiat","description":"Tech and Design Tips","publisher":{"@id":"https:\/\/www.hongkiat.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.hongkiat.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.hongkiat.com\/blog\/#organization","name":"Hongkiat.com","url":"https:\/\/www.hongkiat.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.hongkiat.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.hongkiat.com\/blog\/wp-content\/uploads\/hkdc-logo-rect-yoast.jpg","contentUrl":"https:\/\/www.hongkiat.com\/blog\/wp-content\/uploads\/hkdc-logo-rect-yoast.jpg","width":1200,"height":799,"caption":"Hongkiat.com"},"image":{"@id":"https:\/\/www.hongkiat.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/hongkiatcom","https:\/\/x.com\/hongkiat","https:\/\/www.pinterest.com\/hongkiat\/"]},{"@type":"Person","@id":"https:\/\/www.hongkiat.com\/blog\/#\/schema\/person\/25661c0ca5beef807a38c0d038894641","name":"Sia","description":"A tech journalist for Hongkiat.com, Sia writes reviews on new products and services in the tech industry.","url":"https:\/\/www.hongkiat.com\/blog\/author\/sia\/"}]}},"jetpack_featured_media_url":"https:\/\/","jetpack_shortlink":"https:\/\/wp.me\/p4uxU-7tc","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/posts\/28718","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/users\/157"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/comments?post=28718"}],"version-history":[{"count":3,"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/posts\/28718\/revisions"}],"predecessor-version":[{"id":65986,"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/posts\/28718\/revisions\/65986"}],"wp:attachment":[{"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/media?parent=28718"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/categories?post=28718"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/tags?post=28718"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/topic?post=28718"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}