Steganography: A weapon of cybercriminals
Steganography is a cryptographic technique of hiding something – a message, code, or other content – within something else, such as a digital photograph or video, so that it is not visible to the naked eye. More than a decade ago steganography was a very popular method for delivering malware, and recent reports show that this type of attack is making a comeback.
The above image was created by my colleague Joao Bernardo as an example of steganography. He has embedded a well-known story in the picture of his dog above. Can you figure out how to view the hidden content? Give up? Highlight the next line of text for the solution: download the image and open it with a text editor on your system, such as Notepad, and scroll down to the bottom.
As demonstrated with the image above, cybercriminals could use this same technique to hide a variety of malicious payloads inside an image. Attackers often abuse legitimate services that allow users to post images, which lets them spread malware from a variety of legitimate sources to multiple users. The malicious payload within the image executes when the image is rendered in a browser or a picture viewer application, successfully delivering the malware and infecting the victim.
Detecting steganography is difficult, but blocking all images seems extreme in the era of social media. So how do you protect yourself? Here are a few suggestions:
- Beware of unknown attachments in email, especially from unknown senders.
- Keep your operating system, software, and browser up to date.
- Use anti-malware software on all devices, preferably with behavior monitoring capability.
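An added example (not part of the original article): a Python check for the kind of hiding used in the dog picture, where extra content sits after the image's logical end. It walks PNG chunks or JPEG segments to find that end and returns whatever follows; it does not detect content hidden in the pixel data itself. The function names and both sample byte strings are constructed for illustration.

```python
import struct

PNG_SIG = b"\x89PNG\r\n\x1a\n"

def png_end(data):
    """Offset just past the IEND chunk, found by walking length-prefixed chunks."""
    pos = len(PNG_SIG)
    while pos + 12 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        pos += 12 + length  # length field + type + data + CRC
        if ctype == b"IEND" and pos <= len(data):
            return pos
    raise ValueError("no complete IEND chunk")

def jpeg_end(data):
    """Offset just past EOI, found by walking segments and entropy-coded scans."""
    pos = 2  # skip SOI (FF D8)
    while pos + 2 <= len(data) and data[pos] == 0xFF:
        marker = data[pos + 1]
        if marker == 0xD9:  # EOI: logical end of the image
            return pos + 2
        elif marker == 0xFF:  # fill byte before a marker
            pos += 1
        elif marker == 0x01 or 0xD0 <= marker <= 0xD7:
            pos += 2  # stand-alone markers carry no length field
        elif pos + 4 > len(data):
            break  # truncated inside a segment header
        else:
            pos += 2 + struct.unpack(">H", data[pos + 2:pos + 4])[0]
            while marker == 0xDA and pos + 1 < len(data) and (
                    data[pos] != 0xFF or data[pos + 1] in (0x00, 0xFF)
                    or 0xD0 <= data[pos + 1] <= 0xD7):
                pos += 1  # after SOS: skip scan data, FF00 stuffing and RSTn
    raise ValueError("no EOI marker reachable")

def trailing_data(data):
    """Bytes stored after the image's logical end (b"" when there are none)."""
    if data.startswith(PNG_SIG):
        return data[png_end(data):]
    if data.startswith(b"\xff\xd8"):
        return data[jpeg_end(data):]
    raise ValueError("not a PNG or JPEG file")

# Constructed samples: structural skeletons with zeroed CRCs, not real pictures.
# The APP1 payload holds FF D9, which a naive search for EOI would stop at.
HIDDEN = b"Once upon a time (constructed hidden text)"
CLEAN_PNG = (PNG_SIG + struct.pack(">I4s", 13, b"IHDR") + bytes(17)
             + struct.pack(">I4s", 0, b"IEND") + bytes(4))
CLEAN_JPEG = (b"\xff\xd8" + b"\xff\xe1\x00\x0a" + b"Exif\x00\x00\xff\xd9"
              + b"\xff\xda\x00\x02" + b"\x12\xff\x00\x34\xff\xd0\x56" + b"\xff\xd9")
```

To check a downloaded file, pass its bytes to `trailing_data`; a non-empty result is content that an image viewer ignores but a text editor shows at the bottom of the file.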
Written by: Hanna Guan (Cyber Security Analyst, Information Security)