Washington: It would be a shock, a terrible shock, to Elinor Dashwood and the other characters in “Sense and Sensibility,” to see this happening. Unbeknownst to her or author Jane Austen, it seems that hackers from the 21st century are appropriating text from the 19th century classic novel to spread malicious software.
Researchers from Cisco Security said in a report released today that literary passages are becoming a new way to hide malicious code that allow hackers unlawful entry into computers and networks. “Adding passages of classic text to an exploit kit landing page is a more effective obfuscation technique than the traditional approach of using random text,” said researchers in their mid-year security report.
“The use of text from more contemporary works such as magazines and blogs is another effective strategy. Antivirus and other security solutions are more likely to categorise the webpage as legitimate after ‘reading’ such text.”
Cisco researchers said encountering references to Austen characters on a webpage “may be perplexing but not a cause for immediate concern.” Jason Brvenik, a Cisco engineer, said it remains a mystery about who is behind the literary hacking or why that novel was chosen over others.
“It is a seemingly random selection but it always from that book,” he said. Still, the technique opens the door for dastardly exploits from computer hackers, according to Cisco. Hackers can deliver a variety of malicious “payloads” through these tools, according to Cisco, including “ransomware,” a growing technique that locks a user’s files unless a ransom is paid.
The researchers said this is just one example about how hackers are innovating to find ways around computer protection. “Hackers, being unencumbered, have the upper hand in agility, innovation and brazenness,” Brvenik said.
“We see this time and again, whether it is nation-state actors, malware, exploit kits or ransomware.”