Stegomalware is a type of malware that uses steganography to hinder detection. Steganography is the practice of concealing a file, message, image, or video within another file, message, image, video or network traffic. This type of malware operates by building a steganographic system to hide malicious data within its resources and then extracts and executes that data dynamically. It is considered one of the most sophisticated and stealthy ways of obfuscation.

The term "stegomalware" was introduced by researchers in the context of mobile malware and presented at the Inscrypt conference in 2014. However, the fact that (mobile) malware could potentially utilize steganography was already presented in earlier works: the use of steganography in malware was first applied to botnets communicating over probabilistically unobservable channels; mobile malware based on covert channels was proposed in the same year. Steganography was later applied to other components of malware engineering such as return-oriented programming and compile-time obfuscation, among others. The Europol-supported CUING initiative monitors the use of steganography in malware.

The methods used by stegomalware have been used in a number of attacks: Duqu (to hide malicious payloads in JPEG images for stealthy data exfiltration), Zeus/Zbot (to mask command-and-control (C&C) traffic inside image files), Waterbug (to inject malicious code into WAV files).
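For defenders triaging the JPEG and WAV carriers named above, one cheap structural check is whether a file holds bytes past its own logical end. The sketch below is an added example, not code from the article or from any project it cites. It assumes the simple case of data appended after the JPEG EOI marker or after the RIFF declared size, does not detect embedding inside pixel or sample data, and is not a claim about how the listed families hid data; the function names and sample bytes are constructed for illustration.

```python
import struct

def jpeg_trailing(data):
    """Bytes present after the JPEG EOI marker, or None if no EOI is reached."""
    i = 2                                     # skip SOI (FF D8)
    while i + 1 < len(data):
        if data[i] != 0xFF:                   # entropy-coded scan data
            i += 1
            continue
        m = data[i + 1]
        if m == 0xFF:                         # fill byte before a marker
            i += 1
        elif m == 0x00 or 0xD0 <= m <= 0xD7:  # stuffed FF00 or RSTn: no length
            i += 2
        elif m == 0xD9:                       # EOI: logical end of the image
            return len(data) - (i + 2)
        elif i + 4 <= len(data):              # segment: skip marker + length
            i += 2 + struct.unpack(">H", data[i + 2:i + 4])[0]
        else:
            return None
    return None

def riff_trailing(data):
    """Bytes present after the size declared in a RIFF/WAVE header."""
    if len(data) < 12 or data[8:12] != b"WAVE":
        return None
    end = 8 + struct.unpack("<I", data[4:8])[0]
    return len(data) - end if end <= len(data) else None

def trailing_bytes(data):
    """Dispatch on magic bytes; None means unsupported or truncated carrier."""
    if data[:2] == b"\xff\xd8":
        return jpeg_trailing(data)
    if data[:4] == b"RIFF":
        return riff_trailing(data)
    return None

# Constructed sample carriers (not real media, just structurally valid enough).
CLEAN_JPEG = (b"\xff\xd8" b"\xff\xe0\x00\x04JF" b"\xff\xda\x00\x02"
              b"\x12\xff\x00\x34\xff\xd0\x56" b"\xff\xd9")
CLEAN_WAV = b"RIFF" + struct.pack("<I", 16) + b"WAVEdata" + struct.pack("<I", 4) + bytes(4)
TRAILER = b"constructed-trailer\xff\xd9"      # contains a decoy EOI on purpose

if __name__ == "__main__":
    for name, blob in [("clean.jpg", CLEAN_JPEG), ("padded.jpg", CLEAN_JPEG + TRAILER),
                       ("clean.wav", CLEAN_WAV), ("padded.wav", CLEAN_WAV + TRAILER)]:
        extra = trailing_bytes(blob)
        print(f"{name}: {'ALERT' if extra else 'ok'} trailing_bytes={extra}")
```

The JPEG walk stops at the first EOI reached through the segment structure, so the decoy `FF D9` inside the constructed trailer does not shrink the reported count the way a search from the end of the file would.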

