If you have been following our blog for a long time, you might remember us writing about malware that used EXIF data to hide its code.

This technique is still in use. Let us show you a recent example.

Contaminated Pac-Man

This code was found at the beginning of a malicious script that steals PayPal security tokens.

As you can see, it reads “EXIF data” from a pacman.jpg image hosted on Google’s servers, probably uploaded using a Blogger or Google+ account.

Continue reading Hiding Malware Inside Images on GoogleUserContent at Sucuri Blog.

Via Sucuri.net