The stars in this James Webb telescope picture might not be the only thing it conceals

Researchers have cautioned that a new phishing operation is using people’s fascination with James Webb telescope photos to spread malware.

NASA’s publication of a picture of the SMACS 0723 galaxy cluster this year has been exploited by hackers, according to a study (opens in new tab) from security firm Securonix. The malware is designed to evade detection by antivirus software.

A text editor inspection shows malicious code meant to initiate the download of a malicious executable, despite the image’s apparent lack of malice at first glance.

Images from the James Webb Telescope

NASA will release the first batch of James Webb Space Telescope photos, documenting the “earliest, fastest phases of star formation,” in July 2022. The stunning, colour photos quickly went viral online.

The need for more telescopic photographs, however, has opened the door for hackers, as is the case with any trend or event that attracts the public’s curiosity.

The bad guy sends out phishing emails with malicious Microsoft Office files attached. Once the attachment is downloaded, a series of events occurs that leads to the malicious picture being saved to the victim’s device.

The virus, written in Golang to impede analysis, is rumoured to be able to exfiltrate sensitive data and restore control of the infected system to its user.

In order to protect themselves from these frauds, internet users are cautioned to never accept attachments from unsolicited emails and to carefully examine the content of any files they do get for signs of grammatical or spelling mistakes.

In a separate development, despite reports that the malware strain in issue can evade security measures, it is nevertheless recommended that machines be safeguarded with industry-standard antivirus and ransomware protection software to lessen the likelihood of infection.