Skip to main content

Tag: steganography

8 articles

A coding test setup in a brightly-lit computer lab with a laptop and blank screen.

North Korean Hackers Exploit Coding Tests with Steganography-Laced Malware

North Korean hackers are targeting software developers with a sneaky malware attack, hiding steganography-laced payloads in coding tests to steal sensitive data and cryptocurrency. This latest campaign, tracked as REF9403, is just another example of the DPRK's relentless pursuit of valuable information.

Analyst 207
A text document on a laptop screen with a nearly imperceptible line of white text blending into the white background.

Steganography Exploits LLMs with Hidden Text Techniques

Want to hide text in plain sight? Try using white text on a white background or black text on a black background - simple yet effective visual tricks that can evade human eyes while remaining readable by machines.

Analyst 207
Shadowy figure looms over dimly lit cityscape, laptop screen displays Eastern Europe map, nearby smartphone lies broken.

APT28 Targets Ukraine, NATO Allies with PRISMEX Malware

Russian threat actor APT28 has launched a new campaign, deploying a previously unknown malware suite called PRISMEX to target Ukraine and its NATO allies, using clever concealment techniques to evade detection. This sophisticated attack combines steganography, COM hijacking, and legitimate cloud services to stay under the radar.

Analyst 207
AI-Enhanced Tuoni Framework: Exclusive Affordable Win

AI-Enhanced Tuoni Framework: Exclusive Affordable Win

A single crafted message—leveraging AI‑enhanced Tuoni C2, steganography and in‑memory execution—slipped past defenses at scale, showing attackers are getting smarter and stealthier. Its a wake‑up call: rapid detection, cross‑team coordination and tougher verification are now essential.

Analyst 207
Rhadamanthys Stealer: Exclusive Dangerous Threat

Rhadamanthys Stealer: Exclusive Dangerous Threat

Rhadamanthys has evolved from a simple credential stealer into a stealthy, full-stack threat that fingerprints devices and hides stolen data inside ordinary PNG images while pairing with proxy and crypt services for turnkey attacks. Defenders should boost telemetry, enforce phishing‑resistant MFA, and add content‑aware inspection (including steganalysis) to spot these covert exfiltration channels.

Analyst 207
QR-code steganography: Exclusive Dangerous Threat

QR-code steganography: Exclusive Dangerous Threat

A malicious npm package called Fezbox has been hiding stolen browser credentials inside seemingly innocuous QR images, turning routine builds into quiet data leaks. Treat every dependency with suspicion—pin versions, scan for suspicious runtime behavior, and rotate tokens—to defend against clever supply‑chain tricks like this.

Analyst 207
FileFix campaign: Stunning Risky Steganography Threat

FileFix campaign: Stunning Risky Steganography Threat

Imagine a threat hiding inside a photo: the FileFix campaign uses JPG steganography, a PowerShell loader and encrypted EXEs delivered via multilingual phishing to smuggle malware past traditional defenses. Stay cautious with unexpected image attachments and push for content-aware scanning and EDR to catch these layered attacks.

Analyst 207
Living Off The Land: Stunning, Risky Evasion Techniques

Living Off The Land: Stunning, Risky Evasion Techniques

Attackers are quietly blending in by weaponizing legitimate — often obscure — system tools and even image files to evade detection, forcing defenders to rethink the assumption that “known-good” equals safe. To stay ahead, organizations must expand telemetry, tighten allowlisting, and hunt for suspicious misuse of everyday binaries before trust becomes a vulnerability.

Analyst 207