All the latest UK technology news, reviews and analysis

Researchers warn of image-stealing malware

07 Nov 2012
malware virus security threat

Researchers are warning users following the discovery of a malware infection designed to collect and upload image files to a remote server.

The malware, dubbed PixSteal-A by Sophos researchers, infects Windows PCs and then runs a search for all jpeg and dmp file types. The infected systems then establish a connection to a remote server via FTP and then upload the collected files.

While researchers report that the collection server is hosted in Iraq, the location of the individual controlling the operation is unknown and could be anywhere on the globe.

The aim of the operation is currently unknown and researchers are not yet sure how the attacker plans to use the pilfered images.

Chester Wisniewski, a senior security adviser at Sophos had a simple recommendation to users and administrators looking to prevent their image files from being compromised by the malware: simply disable FTP connections at the firewall level.

Wisniewski noted that because FTP does not use encryption measures when transmitting data, the protocol is outdated and leaves users at risk for attacks such as password and credential theft.

"While that might seem extreme, I suggest to you that you shouldn't allow FTP access to begin with," Wisniewski advised users in a post to the Sophos Naked Security blog.

"FTP should have died a long time ago and you can help. Just refuse to use it."

Though the emergence of sophisticated, targeted attacks has dominated headlines recently, malware growth across all levels and sectors is soaring.

While mobile devices such as Android handsets have grown in popularity with malware writers, Windows PCs remain by far the most heavily targeted systems.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Shaun Nichols

Shaun Nichols is the US correspondent for He has been with the company since 2006, originally joining as a news intern at the site's San Francisco offices.

More on Security
What do you think?
blog comments powered by Disqus

Windows 10 poll

What are your first impressions of Windows 10?

Popular Threads

Powered by Disqus
V3 Sungard roundtable event - Cloud computing security reliability and scalability discussion

CIOs debate how to overhaul businesses for the digital era

V3 hosts roundtable with Sungard Availability Services

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging


Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Junior Software / App Developer - VC Backed Medical Tech Start-Up

Junior Software / App Developer - University Spin Off...

Web Developer - £30k - £37k, Manchester city centre, PHP, MVC, Python

PHP Web Developer - Manchester city centre, £30k - £37k...

IT Systems Administrator - Warrington, £40k - £45k basic, Concept

IT Systems Administrator - Birchwood, Warrington, £40k...
To send to more than one email address, simply separate each address with a comma.