PNG Image Metadata Leading to iFrame Injections

[farlack]

Researchers have discovered a relatively new way to distribute malware that relies on reading  JavaScript code stored in an obfuscated PNG file’s metadata to trigger iFrame injections.

http://threatpost.com/png-image-metadata-leading-to-iframe-injections/104047

[1713489948]

1713489948

[kwest]

Can this be blocked somehow? I use Firefox. I guess turning off Java is one way?

[Gabi]

Can this be blocked somehow? I use Firefox. I guess turning off Java is one way?

Javascript is totally unrelated to java. So, no.

[RodeoX]

Yuck, a malicious steggo. That is hard to deal with. Do I need to shut off image loading? Would that even do it, or is the PNG read but not displayed in that case?

[juju]

Maybe using noscript addon will block Javascript and prevent this exploit for the time being.

https://addons.mozilla.org/en-US/firefox/addon/noscript/

Not sure if Chrome has it

[kwest]

Maybe using noscript addon will block Javascript and prevent this exploit for the time being.

https://addons.mozilla.org/en-US/firefox/addon/noscript/

Not sure if Chrome has it

Just installed it, I hope it helps.

Is there some way to only turn off PNG loading? Still allowing for JPG, GIF.

[juju]

No idea how to turn off PNG image loading with Noscript. Many years ago I wrote a browser that ignored all images and only returned barely formatted text to the users command line, I wonder if I can rebuild re-use this till the exploit is patched up. (IIRC, it was message board avatars that people used which drove me crazy, to the point I would rather read the forum without any images whatsoever additionally at the time I was under a bandwidth cap.

If anyone knows of any browsers similar to the one I coded that is decent let me know.