A recently discovered piece of malware has a unique way of communicating with its creator—through an internet meme posted on Twitter.
The mysterious hacker has been using the "What if I told you" meme to secretly tell a Windows-based strain of malware when to grab screenshots from infected PCs, according to security firm Trend Micro.
Although the internet meme looks like an ordinary digital image, a simple command is hidden in the file's metadata, Trend Micro VP Mark Nunnikhoven says. The malware, on the other hand, has been designed to look up the hacker's Twitter account and scan image files for the secret commands.
"The messages used for this malware are very small (typically one word) meaning that they can be hidden between the metadata and actual pixel layout without changing the image itself," Nunnikhoven said in an email.
The hacker appears to have only posted two malicious memes — on Oct. 25 and 26 — with the command "/print," which will order infected Windows PCs to take a screenshot. Other hidden commands the hacker could've sent through the memes include "/clip" to capture copied clipboard content, and "/processos" to retrieve a list of running processes on the PC.
The practice of concealing messages in nontext files such as images or video is called steganography, and it's become an effective way for hackers to sneak malicious code onto people's computers or send hidden commands over the open web.
"Most networking monitoring programs won't notice anything odd about access to Twitter.com," Nunnikhoven added. "A site that's based around a timeline like Twitter also allows the attacker to sequence commands for the malware. This can be an effective way of building a solid command and control channel."
The good news is that Twitter has disabled the hacker's account on its platform. But it isn't clear how the mysterious attacker was circulating the malware, a Trojanized .exe file.
In response to Trend Micro's findings, Twitter told PCMag: "Keeping people safe and secure on Twitter is our top priority. If content on Twitter is used for malicious purposes, we take action and remove it. Twitter plays no part in the distribution of the malware involved in this campaign."
However, the company didn't address questions over what Twitter can do to stop similar meme-based malware schemes in the future. Meanwhile, others have shown you can cram a whole lot of data, including ZIP archives, inside an image on Twitter, raising the possibility that hackers could employ the same tactic again.
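For defenders, the metadata hiding place Nunnikhoven describes and the appended-ZIP trick mentioned above can both be checked by walking an image's non-pixel regions. The sketch below is an added example, not code from Trend Micro or the malware; it assumes the image is a JPEG (the article does not name the format), and `build_sample` produces a constructed test file, not a real sample.

```python
import re
import struct

# Command strings named in the article; matching them as bare words is an assumption.
COMMAND_RE = re.compile(rb"(?<!\w)/(?:print|clip|processos)\b")

def non_pixel_regions(data):
    """Yield (label, bytes) for JPEG metadata segments and post-EOI data."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    pos = 2
    while pos + 2 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        marker = data[pos + 1]
        if marker == 0xD9:  # EOI: decoders ignore whatever follows
            if data[pos + 2:]:
                yield "trailing", data[pos + 2:]
            return
        if pos + 4 > len(data):
            return  # truncated file
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        if marker == 0xFE or 0xE0 <= marker <= 0xEF:  # COM and APPn
            yield f"segment 0x{marker:02X}", data[pos + 4:pos + 2 + length]
        pos += 2 + length
        if marker == 0xDA:  # SOS: skip entropy-coded pixel data to the next marker
            while pos + 1 < len(data):
                nxt = data[pos + 1]
                if data[pos] == 0xFF and nxt not in (0x00, 0xFF) and not 0xD0 <= nxt <= 0xD7:
                    break
                pos += 1

def find_hidden_commands(data):
    """Return (region, finding) pairs for command-like text outside pixel data."""
    hits = []
    for label, blob in non_pixel_regions(data):
        hits += [(label, m.group().decode()) for m in COMMAND_RE.finditer(blob)]
        if label == "trailing" and b"PK\x03\x04" in blob:  # appended ZIP archive
            hits.append((label, "zip-archive"))
    return hits

def build_sample(comment, trailing=b""):
    """Constructed JPEG skeleton (not a viewable image) for exercising the scanner."""
    def seg(marker, payload):
        return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload
    return (b"\xff\xd8" + seg(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
            + seg(0xFE, comment) + seg(0xDA, b"\x01\x01\x00\x00\x3f\x00")
            + b"\x12\xff\x00\x34\xff\xd0\x56" + b"\xff\xd9" + trailing)

if __name__ == "__main__":
    print(find_hidden_commands(build_sample(b"/print", b"PK\x03\x04demo")))
```

A hit is only a lead for triage: legitimate metadata can contain similar strings, and a command hidden by another method would not be found this way.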