Secret messages are hidden everywhere – within a hit song, a brand logo, a big blockbuster movie. Usually, these messages are fun Easter eggs or nods to fans. In the digital world, this kind of practice is called steganography, and messages are usually concealed in images, audio tracks, video clips, or text files. But, instead of being a fun nod to users, these messages can sometimes contain something malicious, specifically, malware. In fact, digital steganography is often used by malware authors to avoid detection by security systems.
So how does a steganographic cyberattack work? First, cybercriminals insert secret information by embedding an algorithm within a digital image. Then, the image is transmitted to the target system, and from there the secret information is extracted for use by malware. The modified image is often difficult to detect by the human eye or by security technology – which is exactly why these crooks are using steganography to conduct cyberattacks.
Now, how often are these attacks happening? The first known use of steganography in a cyberattack was in 2011 with the Duqu malware. Steganographic malware has also been used on Instagram and has come included in exploit kits. However, a new variation of the threat is currently on the rise, as our McAfee Labs Threats Report: June 2017 has found that the Stegoloader malware code is currently hiding itself within the following image:
Users downloading free “pirated software” download this image along with the free program. While the user’s PC is completing the installation process, the image is unlocked and begins to download other malicious software onto the PC. For instance, Stegoloader can either download software that steals information from the infected system, or download ransomware that encrypts the PC’s information and holds it hostage until the victim pays.
Moral of the story: you get what you pay for. So, users need to be wary of where they get their software. In these steganographic malware cases, if you pay nothing to download software that would otherwise cost you money, there’s a big chance you may find yourself downloading junk software applications and then paying cybercriminals in other ways. Therefore, to protect yourself from steganographic malware, follow these tips:
-Go straight to the source. If you want software, it’s best to just go directly to legitimate sites and stores to download it. Though this software may be more costly than pirated services, these free programs can put your personal data at risk, and you could end up paying a ransom to get your information back.
-Do your homework. Whenever you want to load a software onto your device, make sure you do your homework before you click the download button. Look up the provider and check for any reviews online that mention issues with security. If something sketchy comes up, steer clear of the program entirely.
-Use a comprehensive security solution. Whether you’re downloading a software for your PC or phone, ensure all of your devices are protected from cyberattacks by adding in an extra layer of security. To create that additional barrier, utilize a comprehensive security solution, such as McAfee LiveSafe.