by ace
Taylor Swift image is used by hackers to install viruses on computers

The digital security company Sophos has released a report warning of a virus hidden in a photo of American pop singer Taylor Swift. Sophos calls the malware MyKings, but other digital security companies may call it DarkCloud or Smominru. It has been operating since 2017 and infected more than 500,000 machines in its first months. After major actions by digital security companies, its reach was reduced.

The technique used to hide malicious code in the singer's image, steganography, is not new. However, it must be emphasized that the photo itself, if opened in an image editor or viewer, is harmless. The file is only used to hide malware from some security solutions. The image is only "useful" on an already infected computer, which downloads it from the internet and thus "outwits" the security monitors active on that computer. In the past, an image of actress Scarlett Johansson has been used for this purpose.
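A defender can triage a downloaded image for this kind of hidden content. The following is an added example, not code from Sophos or the original article; it assumes the carrier is a JPEG and that the payload is a Windows PE executable stored in the file's own bytes (the article does not state the embedding method), and all function names and sample bytes are constructed for illustration.

```python
# Added example: flag JPEG files that carry bytes after the end-of-image marker
# or that contain a Windows PE header anywhere in the file.

def jpeg_end(data: bytes) -> int:
    """Offset just past the EOI marker, or -1 if the segments do not parse."""
    if data[:2] != b"\xff\xd8":                       # SOI
        return -1
    i = 2
    while i + 2 <= len(data):
        if data[i] != 0xFF:
            return -1
        marker = data[i + 1]
        if marker == 0xD9:                            # EOI
            return i + 2
        if marker == 0xFF:                            # fill byte
            i += 1
            continue
        if marker == 0x01 or 0xD0 <= marker <= 0xD7:  # markers without a length
            i += 2
            continue
        if i + 4 > len(data):
            return -1
        length = int.from_bytes(data[i + 2:i + 4], "big")
        if length < 2:
            return -1
        i += 2 + length
        if marker == 0xDA:                            # SOS: skip entropy-coded data
            while i + 1 < len(data) and not (
                data[i] == 0xFF
                and data[i + 1] not in (0x00, 0xFF)
                and not 0xD0 <= data[i + 1] <= 0xD7
            ):
                i += 1
    return -1

def find_pe(data: bytes) -> int:
    """Offset of the first 'MZ' header whose e_lfanew points at a PE signature."""
    pos = data.find(b"MZ")
    while pos != -1:
        e_lfanew = int.from_bytes(data[pos + 0x3C:pos + 0x40], "little")
        if data[pos + e_lfanew:pos + e_lfanew + 4] == b"PE\0\0":
            return pos
        pos = data.find(b"MZ", pos + 1)
    return -1

def inspect_image(data: bytes) -> dict:
    end = jpeg_end(data)
    return {"valid_jpeg": end != -1,
            "trailing_bytes": len(data) - end if end != -1 else 0,
            "pe_offset": find_pe(data)}

# Constructed, inert samples: a structurally minimal JPEG and a 68-byte header stub.
CLEAN = (b"\xff\xd8" + b"\xff\xe0\x00\x10JFIF\x00" + bytes(9)
         + b"\xff\xda\x00\x04\x00\x00" + b"\x12\xff\x00\x34" + b"\xff\xd9")
CARRIER = CLEAN + b"MZ" + bytes(0x3A) + (0x40).to_bytes(4, "little") + b"PE\0\0"
```

Trailing bytes alone also occur in benign files, so treat that result as a triage signal; a validated PE header inside an image warrants a closer look.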

The MyKings attack is not sophisticated but opportunistic: the virus looks for the easiest and most exposed targets. The hackers primarily target Windows machines on corporate networks, attacking outdated versions of software and services that contain security holes. Once a machine is infected, the malicious code hidden in the image is executed and installs cryptocurrency mining programs.

The programs use the machine's processing power to mine, and at best the user notices system slowdowns and increased network activity. To resist removal, the virus installs itself in several locations on the computer. If the removal is not complete, another part of the virus reinstalls the deleted components. In addition, MyKings closes some external communication ports so that no other malware can use the computer.

Sophos recommends upgrading the operating system and protection software. Observing computer behavior and network traffic will also help identify whether or not the computer is infected. According to the security company, the hackers currently earn approximately $300 a day in cryptocurrency, more precisely Monero. This figure was higher in the past and has fallen because of the cryptocurrency's devaluation.

Source: Canaltech, Sophos


