Hiding files within Pictues

GENERAL CHAT
Author
SouthFlaPhotog
Respected Poster
Added: Jun 07, 2007 9:47 pm
I heard that there is away to hide files in a picture so when the person opens the picture the hidden files installs itself. Anyone else heard this? I emailed Norton and they responded they are looking into but makes me nervous to download pictures if this is true.
palmer
Poster
Added: Jun 08, 2007 1:11 am
This is most definitely true. I had four or five of them . Norton was able to identify the virus and which pics but not able to remove them. I had to pay a computer house call guy $60hr to get rid of them.
SouthFlaPhotog
Respected Poster
Added: Jun 08, 2007 1:48 am
palmer wrote:
This is most definitely true. I had four or five of them . Norton was able to identify the virus and which pics but not able to remove them. I had to pay a computer house call guy $60hr to get rid of them.


so you didnt know until you opened them?
palmer
Poster
Added: Jun 15, 2007 8:54 am
did not know until they turned up on a Norton antivirus scan.
dallingo
Respected Poster
Added: Jan 13, 2008 1:33 pm
I know there's a tool called steganos which does something similar but without doing any harm. it uses picture files to hide other files in it...
esteban_55
Respected Poster
Added: Jan 15, 2008 2:22 am
It is not possible to insert a virus in a picture, since a virus needs to be executed. But it is possible to manipulate a picture in a way to exploit a flaw in microsofts gdiplus.dll library. This could do harm to a computer up to the extend which is similiar to that of a virus. But this is a very well known exploit and there are patches available.
You might need to update your windows. You can check at http://www.securiteam.com/windowsntfocus/5QP0C1FE0Y.html whether you need to.


The other thing you might have heard of is W32/Perrun-A. This is more a pretty stupid study in which a malicious program is executed once the user clicks on a picture file on his computer. This is done by changing the registry so that the default application for displaying pictures is changed to the malicious program. This program cannot be installed through a picture. But it can be installed by clicking on an executable in an email attachement or similiar brainless actions. More info here: http://www.sophos.com/virusinfo/analyses/w32perruna.html
http://www.sophos.com/pressoffice/news/articles/2002/06/va_perrun.html

palmer: i guess it was the exploit norton has found. I hope you updated your windows ... Smile
evilive
I'm probably spamming
Added: Feb 14, 2008 2:14 am
Well i have a prg that will hide rar files within .jpgs i guess you could also hide viruses in them as well i could post a pic with a rar in it with the prg(most would not ever need it) but i wont,just watch this to learn how to do it without a program

evilive I've deleted the link for 2 reasons:

a) It is prohibited to post links to streaming vids here.

b) I don't think it's a good idea to give members lessons on how to do this Very Happy .

Shadowman
esteban_55
Respected Poster
Added: Feb 18, 2008 8:07 pm
I assume your program is using steganography to hide files within pictures.
Neither this method nor the one described in the video is putting your computer at risk by opening the manipulated image in an image viewer. No matter how earth shattering the hidden virus might be.
Dirty Hooker
I'm probably spamming
Added: Mar 20, 2008 2:33 am
Steganography is different than hiding malicious programs within pictures. Here are the basics:

Steganography is basically the act of hiding images, messages or text within an image, video, document or some other form of media. Most often, it is used to covertly transmit data between two people. There is almost no risk to the average user even if they download a picture that has a steganographic message embedded in it. It's basically a hidden message, and it doesn't really "do" anything.

Embedded files, on the other hand, are what the OP was referring to, and can be malicious, and can cause issues. Basically, there are malicious users out there who can embed nasty trojans and viruses in pictures, videos, web sites, etc. These files will lay dormant, for the most part, unless you download them and run them on your computer. If you run them on your computer (e.g. "Open" them) you run the risk of kicking off whatever nastiness the trojan/virus/malware was supposed to do.

Now for the good news... Most of the easy to get software used for embedding malware/trojans/viruses into vids and pics is very outdated. Also, almost any up to date antivirus will detect this crap before it infects your machine (unless you're just being plain stupid... AV can only do so much). Last, this sort of malware embedding is much more prevalent in video than it is in images, and if you're downloading from "reliable" source (e.g. a known web site where people have reputations, or a pay site) vs. an unreliable source (e.g. eDonkey, Kazaa) you're much less likely to get gnarly trojans.

Anyway, I hope that helps.