Cybersecurity experts at Cyble Research Labs have recently reported a surge in stegomalware, malware that uses steganography.
Steganography is a method of concealing data inside an ordinary message or file. The type of file it uses:-
Steganography is one of the most evasive and difficult-to-detect techniques used by malware. Stegomalware uses image steganography to evade detection mechanisms such as anti-virus software and anti-malware systems.
More than 1,800 malware samples using image steganography have been identified in the wild over the last 90 days. Below is a summary of the distribution of stegomalware on a monthly basis.
Several prominent malware families use steganography, including:-
Numerous instances of .JPG+EXE malware have been seen while monitoring chatter across multiple threat actors.
A malicious exe file is usually disguised as a legitimate image file, with the executable injected into the image file using image steganography.
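A defensive check for the .JPG+EXE case described above, added here as an example (it is not code from Cyble or from the original article): it walks the JPEG segment structure to find the real end-of-image marker, then reports any bytes trailing it and any validated MZ/PE header anywhere in the file. It assumes the simplest form of embedding, a Windows executable stored unencoded in the file's bytes; payloads encoded into pixel data are out of scope, and all function names and sample bytes are constructed for the illustration.

```python
import struct

def jpeg_end(data: bytes):  # offset just past the real EOI, None if malformed
    if not data.startswith(b"\xff\xd8"):                # SOI
        return None
    i = 2
    while i + 2 <= len(data):
        if data[i] != 0xFF:
            return None
        marker = data[i + 1]
        if marker == 0xD9:                              # EOI
            return i + 2
        if marker == 0xFF:                              # fill byte
            i += 1
        elif marker == 0x01 or 0xD0 <= marker <= 0xD7:  # markers with no length
            i += 2
        elif i + 4 > len(data):
            return None
        else:                                           # segment: 2-byte length
            i += 2 + struct.unpack_from(">H", data, i + 2)[0]
            if marker == 0xDA:                          # SOS: skip entropy-coded data
                while i + 2 <= len(data) and not (
                        data[i] == 0xFF and data[i + 1] not in (0x00, 0xFF)
                        and not 0xD0 <= data[i + 1] <= 0xD7):
                    i += 1
    return None

def find_pe(data: bytes):  # offsets where MZ's e_lfanew points at a PE signature
    hits, pos = [], data.find(b"MZ")
    while pos != -1:
        if pos + 0x40 <= len(data):
            sig = pos + struct.unpack_from("<I", data, pos + 0x3C)[0]
            if data[sig:sig + 4] == b"PE\0\0":
                hits.append(pos)
        pos = data.find(b"MZ", pos + 1)
    return hits

def scan_image(data: bytes):
    end = jpeg_end(data)
    return {"jpeg_ok": end is not None, "pe_offsets": find_pe(data),
            "trailing_bytes": None if end is None else len(data) - end}

def sample_jpeg():  # constructed: structurally valid, not decodable
    return (b"\xff\xd8\xff\xe0\x00\x10JFIF\0" + bytes(9) + b"\xff\xda\x00\x08"
            + bytes(6) + b"\x12\x34\xff\x00\x56\xff\xd0\x78\xff\xd9")
def sample_pe_stub():  # constructed 88-byte MZ/PE header stub, not a program
    return b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40) + b"PE\0\0" + bytes(20)

if __name__ == "__main__":
    print(scan_image(sample_jpeg() + sample_pe_stub()))
```

Walking the segments instead of searching for the last `FF D9` avoids being misled by embedded thumbnails, and the PE search still flags a header tucked inside a metadata segment, where `trailing_bytes` would be 0.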
Researchers reported two attacks in the last few weeks of July 2022, carried out by unknown individuals. Steganography was used in these attacks to deliver the malware payloads.
There have been various reports that APT threat actors (TAs) have used .SFX files to attack ICS/SCADA systems using exploit DB files.
Other systems can also be attacked through this vector. A file with the .SFX extension is an executable containing compressed data that is uncompressed when the file is run.
The compressed files enclosed in a .SFX file can also be executed, which allows TAs to easily execute malware through this technique.
Here the AgentTesla malware is extracted from the .JPG file in the archive after the .SFX archive has been extracted.
Once the malware has been extracted, additional evasion capabilities may be leveraged directly by combining it with legitimate processes.
The experts recommend the following cybersecurity best practices:-