Questions tagged [malware]
Malware is any software application which subverts the will of the legitimate owner of a computer, by means of force or subterfuge, with or without personal or monetary gain on the part of the creator.
2,549 questions
1 vote, 1 answer, 90 views
How to update BIOS before BIOS infected Host reinfects BIOS?
I learned about the BIOS being able to be written to by malware. It reminded me I have a used laptop that performs noticeably slower than any comparable devices, so I went ahead and downloaded BIOS ...
1 vote, 0 answers, 60 views
GPU Firmware Infections through AUTOMATIC1111 (StableDiffusion)?
I would like to ask a question about a strange incident that occurred as a result of using the StableDiffusion tool AUTOMATIC1111 (https://github.com/AUTOMATIC1111/).
Here's what happened: I used the ...
1 vote, 0 answers, 31 views
What Snort rules can detect covert channels?
I'm new to Snort. I'm trying to set up rules in Snort to detect the presence of covert timing channels. Ideally, I would like to use pre-made rules like the Snort community rules.
So far, I've found ...
1 vote, 0 answers, 99 views
Can anyone decipher this .BAT malware? [closed]
It's a 3.37MB batch file. When opened in Notepad/++ it's all Chinese and some unknown characters. It's still remaining largely undetectable despite being launched in the wild more than 2 days ago, ...
1 vote, 0 answers, 46 views
Jump-Oriented Programming: Why is it better/easier to jump to the dispatcher gadget than to jump from one functional gadget directly to another?
Jump-oriented Programming: Why is it better/easier to jump to the dispatcher gadget than to jump from one functional gadget directly to another functional gadget?
My understanding of JOP:
In jump-...
0 votes, 0 answers, 26 views
Jump-Oriented Programming: Harder than ROP because the registers need to be prepared individually? + Turing complete, but large overhead/slow?
Full title: Jump-Oriented Programming: Is it harder than traditional return-oriented programming because you need to manually prepare all the addresses and registers or is there a different reason?
...
0 votes, 0 answers, 60 views
How to harden VMware for malware analysis? [duplicate]
I’m looking for answers specific to VMware Workstation Pro 17.5.2 in 2024, not answers about other VM software.
On Windows 11, how can I harden a VM in VMware Workstation Pro 17.5.2 so that malware ...
0 votes, 0 answers, 10 views
Can signing into a compromised account on a new device infect the new device? [duplicate]
Can signing into a Gmail account that was compromised/hacked infect a new device? (Account was compromised on one device, and a new device is used to sign in).
What about for other accounts, like ...
2 votes, 1 answer, 83 views
What are the infection risks for a SMB/Samba file share from an infected client PC?
I have a PC on my home network that I consider potentially infected by exposure to an untrusted program from the internet. (Antivirus detected nothing, and the PC runs fine, but I'm choosing to err on ...
27 votes, 4 answers, 8k views
How long does malware last "in the wild"?
I watched this YouTube video where the uploader connected a Windows 2000 virtual machine directly to the internet, no NAT or firewall.
Within minutes, his VM is infected with malware, the overwhelming ...
1 vote, 2 answers, 124 views
Backdoor:PHP/Webshell.O virus detected in an uploaded image file. Should I be worried? How can I prevent it?
I have a site which allows users to upload images. One uploaded file was recently detected by antivirus software (uploads aren't scanned; this was a system-wide scan after).
Upon upload, I check the ...
0 votes, 1 answer, 145 views
Can a USB stick be made to automatically hack a system?
I am a cybersecurity professional who is interested in researching the field of injectables.
Does a device exist, or can be made, that if plugged into a computer would instantly start attacking the ...
1 vote, 3 answers, 214 views
Can my phone get infected if I visit my mail inbox without opening any mail attachments?
I've found some articles saying some viruses/malware can attack your device by just opening an email without downloading or opening any attachments.
Is this true?
If yes, how risky for ordinary mail ...
0 votes, 1 answer, 117 views
Why does ransomware generate a keypair on the victim?
I read this answer Ransomware encryption keys and understood how wannacry works. But I still have a question: as I understand, the hacker will put the hacker's RSA public key in the malware, the ...
0 votes, 2 answers, 144 views
Clean wipe of USB stick of any hidden codes
If I purchase a supposedly brand new USB stick (or microSD, or similar portable storage devices) online, and I don't quite know the origin where they are produced, and I am a bit paranoid, is there ...
7 votes, 1 answer, 400 views
Why did the xz-tools attacker put so much effort into hiding the malware when they could manipulate the tarball?
With all the discussion about the xz-tools supply chain attack on the Linux distros, what confuses me:
As stated here or on the infographic here, the attackers worked their way to becoming trusted ...
0 votes, 0 answers, 64 views
Can my VPN hide my IP address so I can test malware? [duplicate]
I heard that VPN could mask your IP address, but is this perfectly secure? I am trying to open up what I suspect to be malware on a VM, and I obviously don’t want it to be sending my real IP address ...
11 votes, 1 answer, 452 views
XZ compromise and consequences for people having used it
Here's a hot topic:
https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users
https://lwn.net/Articles/967180/
https://lwn.net/ml/oss-security/20240329155126.kjjfduxw2yrlxgzm@...
1 vote, 0 answers, 133 views
Malware in a PDF
I opened a PDF yesterday.
How large would a PDF be that has malware? The one I downloaded was approximately 5 MB.
If I opened the PDF on a browser, would the browser be infected?
For some context: I ...
1 vote, 1 answer, 135 views
Does PDF-level compression implicitly clean a file of malware?
Recently I've been looking into PDF file security, specifically about malware exploiting vulnerabilities in PDF readers. I thought about one thing - does compressing a PDF file (for example, by using ...
0 votes, 0 answers, 33 views
Is my home network infected? [duplicate]
Today, my family brought me a quite old laptop (it had Windows 7 Enterprise from around 2009). When I tried to turn it on, it was already complicated because I got a black screen with options, but the ...
0 votes, 1 answer, 115 views
Can an Azure template contain a virus, a backdoor or malware?
Sometimes you can find projects on the internet that propose importing a template to Azure, like this one.
You have a button, and if you click it, it allows you to deploy:
Then you go through the ...
0 votes, 1 answer, 88 views
How dangerous is this suspicious PHP code? [closed]
I found this code on my web server in /wp-content/uploads/2023/index.php:
$hello_dolly[]='b8f878fc41d0fd3c';
$hello_dolly[]=$_POST;
$hello_dolly[]='color';
if (isset($hello_dolly[1][$hello_dolly[0]])) ...
0 votes, 0 answers, 106 views
If you encrypt an entire USB with Veracrypt can malware be put on the USB while encrypted?
Let's say that you take a USB drive and encrypt the entire thing with Veracrypt. Could someone modify that USB drive to include malware on it? This is not assuming that physical changes to the device ...
0 votes, 1 answer, 164 views
How to check whether a printer driver is malicious or not
While downloading a printer driver from the company's website, I was redirected to a Google Drive link. The Google warning says it could be malicious.
The company is MEPL- based in India, but it is using a ...
0 votes, 0 answers, 155 views
Is it possible to infect a monitor via HDMI plus Ethernet [duplicate]
I caught a virus because of an exe file I downloaded to my computer last week. I am replacing my modem, graphics card, motherboard, processor, ssd and ram components with new ones. What are the ...
0 votes, 0 answers, 89 views
Possible to supply IKEA Tradfri with Malware? (How to detect / remove)
Maybe I'm overly cautious here, but I bought a 2nd hand IKEA Tradfri lightbulb. The package was opened so whoever owned it before had access to the bulb itself.
My question is: Am I too cautious ...
1 vote, 0 answers, 81 views
Streamer Virus on offline network [closed]
I have an offline network with 200 users, and routers, switches, 4 ESXi servers and 1 NetApp rack.
After about a year, my team found out that we have a virus in the network called streamer.exe that ...
0 votes, 1 answer, 299 views
Is malware less prevalent in the Apple App Store compared to the Google Play Store?
I was searching for reports about malware on the Apple App Store and only found minor ones (at least from a user's perspective) on the first few Google search results.
Doing the same search for the ...
1 vote, 0 answers, 64 views
WinAPI legit usecase for setting PPID
I am studying malware development right now (exclusively WinAPI) and reached the topic of PPID spoofing. I understand the concept and why it is useful, however I do not understand why is it possible ...