
A common steganographic technique

In Part 1, we gave an overview of the growth of stegware (steganography malware) and how security experts underestimate its use as an attack vector. In this blog we look at the ways stealthy stegware is delivered and why this dangerous threat can be so difficult to detect.

In its simplest form, stegware is concealed inside seemingly innocuous digital images. As the content of the internet became increasingly multimedia-driven, cyber attackers used it to their advantage, concealing their secret code within public images.

The rise of stegware: 2011 to 2019

Steganography in malware, known as stegomalware or stegware, is stealthily increasing in popularity as attackers diversify in order to fly under the radar, with their malicious code hidden from view in parasitic fashion. Malware authors continue to display versatility in devising new techniques, and re-inventing existing ones, in the hunt for ways to hide their malicious wares.

Malware writers are bringing the ancient practice of steganography up to date by masking malicious code in pictures, videos and other seemingly harmless types of image files. Many of these types of files are considered to be a low security risk and are often overlooked for further analysis. This has given would-be cyber attackers an ideal opportunity to conceal malicious code.