PowerShell script) is encoded within specific pixels in publicly hosted images (which makes detection by common network traffic scanners very difficult) in other cases, downloading a file, e.g. In the case of images, the malicious data (e.g. Steganography enables the attackers to evade some security tools, including network traffic scanners. spreadsheet or Word document), often accompanied by a call to action (“I couldn’t stop laughing!” or “You really should read this!”) Then, clicking on the image or opening the file triggers an executable containing malicious content. The attacker sends an email or other type of message, seemingly from a trustworthy contact, with an intriguing image or common computer file (e.g. In the context of cyber-attacks, steganography is often (but not always) used in conjunction with spear-phishing attacks.
The practice of steganography-concealing messages or information within text or data-is far from new (during the cold war, newspapers and radio shows were regularly used to send coded messages and instructions to spies behind enemy lines.) The modern day version, however, is used not to convey instructions to humans, but as a means of weaponizing seemingly benign files with malware. The use of steganography in OT cyber-attacks If you’ve found this article interesting, please visit and follow Radiflow on LinkedIn, where you’ll find a wealth of exclusive content.
By Michael Langer, Chief Product Officer, Radiflow
0 kommentar(er)
