{"id":204617,"date":"2022-10-03T11:44:15","date_gmt":"2022-10-03T09:44:15","guid":{"rendered":"http:\/\/sftarticles.wpenginepowered.com\/en\/?p=204617"},"modified":"2025-07-01T20:24:44","modified_gmt":"2025-07-02T03:24:44","slug":"scammers-hiding-malware-windows-logo","status":"publish","type":"post","link":"https:\/\/cms-articles.softonic.io\/en\/scammers-hiding-malware-windows-logo\/","title":{"rendered":"Scammers have been hiding malware in the Windows logo!"},"content":{"rendered":"\n

Malware seems to be everywhere these days with scammers hiding it in everything from fake job offers to LinkedIn Smart Links. Today, however, we have news of malware being pumped into even the most inconspicuous of places, the Windows logo itself. It seems that malicious actors have shipping out dangerous malware hidden in image files and that even the Windows logo has been affected in this manner<\/strong>. Here is what you need to know.<\/p>\n\n\n

\r\n
\r\n
\r\n
\r\n \"Windows\r\n <\/div>\r\n
\r\n Windows 11<\/span>\r\n Download Now<\/a>\r\n <\/div>\r\n
\r\n <\/path><\/path><\/text><\/svg>\r\n <\/div>\r\n <\/div>\r\n
\r\n <\/span>\r\n <\/div>\r\n
\r\n \r\n <\/div>\r\n <\/a>\r\n <\/div>\r\n<\/div>\n\n\n\n

Cybersecurity experts at Symantec have discovered a new way that threat actors have been trying to catch out unsuspecting victims. The malicious method is called steganograp<\/strong>hy and involves hiding malware code into images.<\/p>\n\n\n\n

According to the Symantec report<\/a> the campaign, which is being perpetrated by a cybercriminal gang called Witchetty hides an XOR-encrypted backdoor malware in a bitmap image of an old Windows logo<\/strong>. Interestingly, the compromised file is hosted on a cloud service that wouldn\u2019t normally be flagged as being suspicious, which is what allows it to evade security scanners.<\/p>\n\n\n\n

The XOR-encrypted backdoor allows the scammers<\/strong> to perform various actions,<\/strong> which will cause the victim harm including altering and editing files and folders, starting and terminating processes, downloading further infected files onto the device, stealing files and documents, and even messing around with the Windows Registry.<\/p>\n\n\n\n

Incredibly, it seems like this type of attack has successfully targeted several institutions<\/strong> including several governments in the Middle East and even the South African Stock Exchange.<\/p>\n\n\n\n

Again, however, this is just another example of why you need to be more careful than ever these days when you are using your computer and online.<\/strong> With malicious files even infiltrating mundane elements of our digital experience such as Windows logos and basic image files, we really do need to be up to date with how to spot these types of scams and prevent them ending up on our devices. To help you do this we recommend consulting with our guide to spotting phishing scams and fake emails<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

Malware seems to be everywhere these days with scammers hiding it in everything from fake job offers to LinkedIn Smart Links. Today, however, we have news of malware being pumped into even the most inconspicuous of places, the Windows logo itself. It seems that malicious actors have shipping out dangerous malware hidden in image files … Continue reading “Scammers have been hiding malware in the Windows logo!”<\/span><\/a><\/p>\n","protected":false},"author":9073,"featured_media":204660,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wpcf-pageviews":0},"categories":[1015],"tags":[3149],"usertag":[],"vertical":[],"content-category":[],"class_list":["post-204617","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-app-subdomain-redirectionwindows-11"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/204617","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/users\/9073"}],"replies":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/comments?post=204617"}],"version-history":[{"count":1,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/204617\/revisions"}],"predecessor-version":[{"id":323100,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/204617\/revisions\/323100"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media\/204660"}],"wp:attachment":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media?parent=204617"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/categories?post=204617"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/tags?post=204617"},{"taxonomy":"usertag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/usertag?post=204617"},{"taxonomy":"vertical","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/vertical?post=204617"},{"taxonomy":"content-category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/content-category?post=204617"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}