Twitter memes can hide malware

Trend Micro has discovered a new type of malware that spreads through memes on social networks. Here's how to defend yourself

Even memes can hide a malware, a virus or other malicious code that can infect your computer. This was revealed by Trend Micro, a company that produces a well-known antivirus and that discovered how from a Twitter account created in 2017 two memes were shared on October 25 and 26, 2018, respectively, that contained malware.

The Trend Micro antivirus was able to recognize and block the code, but on PCs equipped with other antivirus or without any protection the memes may have gone unnoticed. Twitter deleted the account from which the memes originated on December 13, thus restoring peace of mind. However, it is not known whether there are other such accounts and whether the phenomenon of meme-activated malware is much more widespread.

How meme-activated malware works

The malware in question, to be precise, is TROJAN.MSIL.BERBOMTHUM.AA. Trend Micro also points out that the memes delivered it by executing a command that downloads the trojan from a server external to Twitter. But when the malware goes live, it is able to download other memes from Twitter that execute other malicious code that is also capable of taking screenshots of the user's screen and collecting various information, then sending it all to a remote address on Pastebin. A behavior very similar to that of other viruses and malware already seen in recent times on the Internet. The main difference is that this time the malicious code does not travel through a phishing email, but through a "harmless" meme.

The danger, then, is not so much in the malware itself, but in the transmission medium: every day millions of memes are shared on Facebook, Twitter, other social networks or via email. Each of these could carry a portion of malicious code, exponentially increasing the possible opportunities for contagion. Besides, it should be noted that more and more viruses and malware now aim to take screenshots of our screen and collect lists of files on our hard disk, all information that is increasingly valuable and well paid, if it is collected from millions of computers.

How to defend yourself from malware

The recommendations to protect yourself from malware conveyed through memes on social networks are the classic ones: never surf without a good antivirus with real-time protection; frequently download new virus definitions, so that the protection software is constantly updated and efficient; avoid risky behaviors. This last recommendation, however, is worth little in this specific case: the malware is in fact hidden on a content published on a reliable platform and not on an unsafe or unrecommended site.