Emojis have become very popular in recent years as a way to quickly express thoughts and feelings. However, hackers have now come up with a clever new way to use them in their attacks.
As reported by Internet news, a group of hackers has found a way to repurpose the popular messaging service Discord for command and control (C2). Hackers using Discord in their attacks is nothing new, but a report from cybersecurity company Volexity highlights how this group uses the service together with a series of popular emojis.
Earlier this year, the Government of India was attacked by a Linux malware called Disgomoji. The hackers behind the malware appear to be from Pakistan and have used emoji for C2 communication in several successful espionage campaigns.
How does Disgomoji work?
To get initial access, researchers believe the responsible hackers used phishing attacks and malicious documents as bait. Once the Disgomoji malware is installed on a vulnerable system, it creates a dedicated channel on the Discord server so that each victim has their own separate channel.
Then, Disgomoji sends a check-in message back to the hackers containing the target device’s IP address, username, hostname, operating system, and current working directory. To make matters worse, the malware persists and remains on the infected system even after a reboot.
Although we don’t need to worry about this specific strain of malware just yet, the way the hackers behind this campaign are using emojis to speed up their malicious activities is very interesting and could be a tactic we see other threat actors imitating in the future.
Hacking with emoji
Instead of typing long strings of commands, hackers who deployed Disgomoji on a targeted system could use emoji to communicate with the malware. They send an emoji to the target’s Discord channel and the malware does the rest. Disgomoji, in turn, uses a clock emoji to let hackers know that a command has been processed and shows a “mark button” emoji when the command is executed successfully.
Check out the Volexity table, which contains some other emojis used to communicate with the malware:
Emoji | Emoji name | Command description |
---|---|---|
🏃‍♂️ | Man running | Executing a command on the victim’s device |
📸 | Camera with flash | It takes a screenshot of the victim’s screen and uploads it to the command channel. |
👇 | Pointing down | Download files from the victim’s device and upload them to the command channel as file attachments |
☝️ | Pointing up | Download a file on the victim’s device |
👉 | Pointing to the right | Upload a file from the victim’s device to a remote file storage service |
👈 | Pointing to the left | Uploading a file from the victim’s device to a different remote file sharing service. |
🔥 | Fire | It searches for all files matching a pre-defined list of extensions on the victim’s device and sends them |
🦊 | Fox | Extract all Firefox profiles from the victim’s device |
💀 | Skull | End the malware process |
Discord is also unable to disable Disgomoji operations because once a malicious server is blocked, the malware is able to recover by updating its credentials from a C2 server controlled by the hackers.
The malware also has additional features to perform its tasks, including scanning the victim’s network, network tunneling, and accessing a file sharing service to download and host the stolen data. Surprisingly, Disgomoji can also pretend to be a Firefox update and can even ask victims to manually type in their passwords.
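For defenders of Linux fleets, one way to hunt for the Discord-based C2 channel described above is to flag Linux hosts that look up Discord hostnames when they have no reason to. The following is an added example, not code from Volexity or the original article; the log format, host names and allowlist are constructed assumptions.

```python
import re
from collections import defaultdict

# Public Discord hostnames end in one of these domains.
DISCORD_SUFFIXES = ("discord.com", "discord.gg", "discordapp.com", "discordapp.net")

# Assumption: hosts where Discord use is expected (hypothetical inventory).
ALLOWED_HOSTS = {"laptop-042"}

# Constructed sample DNS query log: "<time> <host> <os> query <name>"
SAMPLE_LOG = """\
2024-06-14T08:00:05 laptop-042 windows query gateway.discord.gg
2024-06-14T08:00:09 build-srv-01 linux query deb.debian.org
2024-06-14T08:01:12 build-srv-01 linux query discord.com
2024-06-14T08:01:13 build-srv-01 linux query gateway.discord.gg
2024-06-14T08:06:40 build-srv-01 linux query cdn.discordapp.com
2024-06-14T08:07:02 db-srv-03 linux query notdiscord.com
2024-06-14T08:09:30 db-srv-03 linux query security.ubuntu.com
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) query (\S+)$")


def is_discord(name):
    """True if name is a Discord domain or a subdomain of one."""
    name = name.lower().rstrip(".")
    # Match on a label boundary so "notdiscord.com" is not a hit.
    return any(name == s or name.endswith("." + s) for s in DISCORD_SUFFIXES)


def find_unexpected_discord(log_text, allowed=ALLOWED_HOSTS):
    """Return {host: [(time, name), ...]} for Linux hosts outside the
    allowlist that resolved a Discord hostname."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not fit the assumed format
        ts, host, os_name, qname = m.groups()
        if os_name == "linux" and host not in allowed and is_discord(qname):
            hits[host].append((ts, qname))
    return dict(hits)


if __name__ == "__main__":
    for host, queries in find_unexpected_discord(SAMPLE_LOG).items():
        print(host, len(queries), "Discord lookups, first at", queries[0][0])
```

A hit is a lead for investigation rather than proof of infection, since a legitimate Discord client or bot on the host produces the same lookups.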
How to stay safe
Although this particular strain of malware probably won’t be used to target consumers anytime soon, you should be wary of hackers if you don’t want your bank account emptied or your identity stolen.
The easiest and simplest way to protect yourself from hackers is to use updated software. This is because hackers like to target users who are using outdated software that still contains unpatched security vulnerabilities. Although it may be annoying, taking the time to install a new operating system or update Chrome can save you from falling victim to hackers.
From now on, you need to make sure that you are using the best antivirus software on your Windows PC, the best antivirus software on Mac, and one of the best antivirus apps for Android on your smartphone.
At the same time, you should be more careful when checking your inbox or messages to avoid phishing attacks. Be wary of emails or messages from unknown senders, avoid downloading any files or attachments, and do not click on any links they contain. You should also avoid letting your emotions control you. Hackers often try to instill a sense of urgency in you to make you act quickly and not think things through.
Hackers are always finding clever new ways to reuse popular tools, programs, and services, and now it seems they’ve managed to do exactly the same thing with emojis.
source: FOXreport.gr