Images are files, and files contain data. Data can have encryptions in it, and a new research by an Indian security researcher Saumil Shah titled Stegosploit has just confirmed that. The research says that as images contain pixels, it’s quite possible to have malicious code hidden in them, so that the code can be executed without your knowledge and can do anything with your system when you download the seemingly harmless image file. The study is based on Steganography, which involve using hidden communication using images.
Here’s how it works: The hacker creates an image file with embedded code in pixels, and the image just looks and displays as a normal image file. When it reaches your system, the latest HTML 5 technology splits the image into code elements for better rendering, and this allows the hidden code to be executed, and the code can just be set to do anything.
So, next time you have an nice landscape image shared online, just think twice before downloading or viewing it.