A picture tells a 1,000 words. Pixels pwn up to 5 million nerds: Crims use steganography to stash bad code in ads


A strain of malware has been clocked using steganography to run malicious JavaScript on Macs via images in online banner ads, it was claimed this week. […] Interestingly, the code checks to see if Apple fonts are present, and if so, it figures it's running on a Mac and continues on. Non-Macs stop at this point.

This is pretty clever. It’s been done like this a few times in the past, but specifically targeting people using macOS via the installed fonts is a gloriously simple way to narrow the focus of the efforts.