The “hidden in plain sight” cyber attack


Steganography from the OED

When we were looking at steganography cyber attacks – hiding malicious code inside, for instance, image files – I was surprised just how much malware could be hidden without degrading the image. Here is a real-world example of this rare type of attack, spyware code embedded in a Microsoft Windows logo:

Steganography alert: Backdoor spyware stashed in Microsoft logo – The Register

Windows malware – Backdoor.Stegmap – was found embedded in Windows logos by a group of threat actors called the Witchetty gang, targeting governments in the Middle East.

Clive Catton MSc (Cyber Security) – by-line and other articles