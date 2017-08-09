Attacks using steganographic techniques are on the rise, according to researchers at Kaspersky Labs. But methods to detect such attacks are improving, they said.

Steganography is the practice of sending data in a concealed format. It is unlike cryptography, which conceals the contents of a secret message as steganography conceals and disguises the very fact that a message is being communicated.

The use of such methods has increased over time and Kaspersky said that these attacks are hard to detect as the image looks virtually identical to the human eye and the file size also remains unchanged. Several malware operations aimed at cyber-espionage, and several examples of malware created to steal financial information using this technique have recently been caught according to Kaspersky.

The firm said that it has witnessed at least three cyber-espionage operations using this approach. This has included updated versions of Trojans including, Zerp, ZeusVM, Kins, Triton and others.

“Although this is not the first time we have witnessed a malicious technique, originally used by sophisticated threat actors, find its way onto the mainstream malware landscape, the steganography case is especially important,” explained Alexey Shulmin, security researcher at Kaspersky Lab.

“So far, the security industry hasn't found a way to reliably detect the data exfiltration conducted in this way. The images used by attackers as a transportation tool for stolen information are very large, and even though there are some algorithms which could automatically detect the technique, their mass-scale implementation would require tons of computing power and would be cost-prohibitive.”

He added that it is relatively easy to identify an image “loaded” with stolen sensitive data with the help of manual analysis. “However, this method has limitations, as a security analyst would only be able to analyse a very limited number of images per day,” he said.

Shulmin added that using a combination of technologies for automated analysis and human intellect in order to identify and detect such attacks could be the answer.

“However, there is room for improvement in this area, and the goal of our investigations is to draw industry attention to the problem and enforce the development of reliable yet affordable technologies, allowing the identification of steganography in malware attacks,” he said.

This article originally appeared at scmagazineuk.com