Malicious hackers are increasingly using steganography, a digital version of an ancient technique of hiding messages inside images, to conceal the tracks of their activities on an attacked computer, according to a new report from security provider Kaspersky Lab.

Researchers have seen at least three cyber espionage operations using this technique. It’s also being actively adopted by regular cyber criminals, in addition to cyber espionage actors, the report said.

“Although this is not the first time we have witnessed a malicious technique originally used by sophisticated threat actors find its way onto the mainstream malware landscape, the steganography case is especially important,” said Alexey Shulmin, security researcher at Kaspersky Lab.

Alexey Shulmin
Alexey Shulmin

“So far, the security industry hasn’t found a way to reliably detect the data exfiltration conducted in this way and the goal of our investigations is to draw industry attention to the problem and enforce the development of reliable yet affordable technologies, allowing the identification of steganography in malware attacks,” Shulmin said.

Kaspersky Lab researchers have seen the technique used in updated version of Trojans including, Zerp, ZeusVM, Kins, Triton and others. Most of these malware families are generally targeting financial companies and users of financial services. The latter could be a sign of the upcoming mass adoption of the technique by malware authors, resulting in generally increased complexity of malware detection.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access