What is Steganographic Malware and How to Defend Against it
Everything contains a secret message. Subliminal messages can be found in paintings, logos, marketing, advertising, poems, and what not. Generally, these hidden messages are harmless and present for the purpose of product placement. However, in the online environment, this sort of thing is known as steganography. In steganography, messages are hidden in pictures, audio records, video files or text documents. However, instead of being harmless, they usually are laced with a malicious code. Cybercriminals and attackers use this method to dodge getting discovered by defense mechanisms.
Are you wondering how steganography works? Well, malware authors inject hidden data by inserting a code within a digital picture. After that, the picture gets transferred to the targeted computer. Now, the malware extricates the hidden data. This altered picture is rather hard to discover by merely looking at it. As a matter of fact, it is also difficult to identify using security systems. For this reason, cybercriminals employ this technology to launch attacks.
Stegoloader is a kind of digital Steganographic malware which was developed in the year 2013. After a few years, it started spreading globally and wreaked havoc everywhere. It left no industry including education, health, finance, and hospitality unattacked.
In December 2017, it was security researchers at McAfee ATR found that an attack which was directed at corporations associated with the Pyeongchang Olympics employed steganography. This malicious attack was directed at more than three hundred South Korean companies related to the Olympic. The malware actor used spoofing tactics and deceived the receivers into thinking that the message was coming from the South Korean National Counter-Terrorism Center (NCTC). Moreover, the message was sent at the time when anti-terror drill exercises were taking place in order to prepare for the upcoming Olympics. This made the message seem genuine.
If you install freeware on your system, then you should be extra vigilant. Some software may contain malicious codes. When you install them, they may steal data from your device and encrypt it. You may have to pay a ransom to get your data back.
The lesson to be learned here is as you sow, so shall you reap. You need to be very careful about where you are downloading stuff from. Such free software is riddled with steganographic malware. Here are some steps you can take to protect your devices from this threat:
Download from the original source
If you want an app or program for your device, then go to the original website or download it from a secure App Store such as Google Play or Apple App Store. While you might be tempted to download pirated copies, it is no good for your system’s security.
Research before downloading anything
Before you download a program on your device, conduct thorough research. If you are downloading from an app store, then go through the reviews. Check the developer’s name and see if there are any typos or grammatical errors in the description. Use the search engine and see all the reviews and ratings. Read the negative feedbacks and see if anybody has faced security problems. If you find something suspicious, then refrain from downloading the application.
Get a robust security software
Install a robust security solution in your device to ensure maximum protection. Make sure that the system firewall is turned on and security software is updated. Anti-malware programs are a must-have for all web-enabled devices, as they are capable of detecting and removing malware.
Edward Lewis is a creative person who has been writing blogs and articles about cybersecurity. He writes about the latest updates regarding mcafee.com/activate and how it can improve the work experience of users. His articles have been published in many popular e-magazines, blogs, and websites.
source: https://setmcafee.com/what-is-steganographic-malware-and-how-to-defend-against-it/
Are you wondering how steganography works? Well, malware authors inject hidden data by inserting a code within a digital picture. After that, the picture gets transferred to the targeted computer. Now, the malware extricates the hidden data. This altered picture is rather hard to discover by merely looking at it. As a matter of fact, it is also difficult to identify using security systems. For this reason, cybercriminals employ this technology to launch attacks.
Stegoloader is a kind of digital Steganographic malware which was developed in the year 2013. After a few years, it started spreading globally and wreaked havoc everywhere. It left no industry including education, health, finance, and hospitality unattacked.
In December 2017, it was security researchers at McAfee ATR found that an attack which was directed at corporations associated with the Pyeongchang Olympics employed steganography. This malicious attack was directed at more than three hundred South Korean companies related to the Olympic. The malware actor used spoofing tactics and deceived the receivers into thinking that the message was coming from the South Korean National Counter-Terrorism Center (NCTC). Moreover, the message was sent at the time when anti-terror drill exercises were taking place in order to prepare for the upcoming Olympics. This made the message seem genuine.
If you install freeware on your system, then you should be extra vigilant. Some software may contain malicious codes. When you install them, they may steal data from your device and encrypt it. You may have to pay a ransom to get your data back.
The lesson to be learned here is as you sow, so shall you reap. You need to be very careful about where you are downloading stuff from. Such free software is riddled with steganographic malware. Here are some steps you can take to protect your devices from this threat:
Download from the original source
If you want an app or program for your device, then go to the original website or download it from a secure App Store such as Google Play or Apple App Store. While you might be tempted to download pirated copies, it is no good for your system’s security.
Research before downloading anything
Before you download a program on your device, conduct thorough research. If you are downloading from an app store, then go through the reviews. Check the developer’s name and see if there are any typos or grammatical errors in the description. Use the search engine and see all the reviews and ratings. Read the negative feedbacks and see if anybody has faced security problems. If you find something suspicious, then refrain from downloading the application.
Get a robust security software
Install a robust security solution in your device to ensure maximum protection. Make sure that the system firewall is turned on and security software is updated. Anti-malware programs are a must-have for all web-enabled devices, as they are capable of detecting and removing malware.
Edward Lewis is a creative person who has been writing blogs and articles about cybersecurity. He writes about the latest updates regarding mcafee.com/activate and how it can improve the work experience of users. His articles have been published in many popular e-magazines, blogs, and websites.
source: https://setmcafee.com/what-is-steganographic-malware-and-how-to-defend-against-it/
Comments
Post a Comment