Stavo leggendo un articolo sul malware attivo nei banner pubblicitari, limitato ai sistemi con IE-browser con alcune impostazioni.
Milioni esposti a malvertising che ha nascosto il codice di attacco nei pixel del banner
Researchers from antivirus provider Eset said "Stegano," as they've dubbed the campaign, dates back to 2014. Beginning in early October, its unusually stealthy operators scored a major coup by getting the ads displayed on a variety of unnamed reputable news sites, each with millions of daily visitors. Borrowing from the word steganography—the practice of concealing secret messages inside a larger document that dates back to at least 440 BC—Stegano hides parts of its malicious code in parameters controlling the transparency of pixels used to display banner ads. While the attack code alters the tone or color of the images, the changes are almost invisible to the untrained eye.
To execute the hidden payload, the malicious ads load a heavily modified version of Countly, an open-source package for measuring website traffic. That JavaScript extracts the hidden code out of the image and executes it. Because there's nothing per se malicious in the JavaScript, ad networks fail to detect what's happening.
Potrebbe essere possibile che un file javascript (o altro) -stegano salvato su un hd, possa essere attivo quando una connessione internet è online?