maxkabakov - Fotolia

Q
Manage Learn to apply best practices and optimize your operations.

How does stegware malware exploit steganography techniques?

Researchers at the 2018 RSA Conference discussed the increasing availability of malware that uses steganography, dubbed stegware. Discover how this works with expert Nick Lewis.

Researchers at RSA Conference 2018 discussed the rise of stegware hacking tools that use steganography techniques to evade detection. How does stegware work and what are some recent examples?

The use of obfuscation has become common with malware and many other attacks as it can make analyzing malicious code and command-and-control connections and exfiltration more difficult.

Similar to obfuscation, steganography -- the act of hiding secret messages within ordinary messages -- was discussed at the 2018 RSA Conference. Simon Wiseman, CTO of Deep-Secure, explained at the conference that the use of steganography by attackers has increased for the same reasons obfuscation is on the rise, but steganography is more effective at hiding data. For example, an attacker could hide command-and-control infrastructure information in an image posted on social media.

Wiseman also talked about how attackers can use steganography to hide data in different types of files without changing what the image looks like to a viewer, as different file formats offer different places to hide data. The attacker can then download the file with the hidden data and extract it from the file for use in the next step of an attack.

The amount of data that can be stored in a file using steganography techniques depends on the file type, so it may not always be an efficient method to quickly share a large amount of data without being detected. However, if a covert channel isn't detected, then it can be very difficult to identify the use of steganography and to understand what data is being changed.

Ask the expert:
Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)

This was last published in October 2018

Dig Deeper on Malware, virus, Trojan and spyware protection and removal

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

Have steganography techniques been used against your enterprise? How did your company respond?
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close