Home > News >
Steganography in the News > 2012
|
08/28/2012:
|
Viewpoint: Criminals
Can Hide Data in Plain Sight - BBC News
"Is there a hidden threat right under our noses? Each day billions of messages are
sent over the internet. Not surprisingly, some contain very sensitive information
and much effort goes into making sure these messages are unreadable by anyone other
than the intended recipients. It inevitable that the bad guys on the internet are
already using these techniques. There are freely available tools... and these tools
continue to advance. What is required is proper funding of the detection techniques,
or at the minimum, some more reliable method of determining if steganography is
being used for hiding messages en masse, if we are to have a proper understanding
of the threat."
|
08/21/2012:
|
Anti-Digital Forensics, The Next Challenge - DFI News
"Although steganography (hidden writing) has been around for thousands of years,
today it pertains to the concealment of digital information within a computer file
(termed the carrier file). Steganography tools, available since the 1990s, function
by hiding digital data (text or pictures) in a manner such that only the sender
and the recipient know that it is there. Often digital pictures are used as carrier
files. The steganography tools can change the least significant bits (the right
most bit in a binary integer) in a picture and replace them with the corresponding
bits from the data being hidden. For instance, to hide a text message, the sender
might adjust the color of every 50th pixel in a .jpg to correspond to a letter in
the text to be hidden. Once this is done, the .jpg will not be visually different
in its appearance even though its pixels have been changed. The only way to know
if the .jpg was altered is to check its size in bytes or its hash value against
its pre-unaltered values. Obviously, those pre-unaltered values would have to be
known and documented somewhere. Examiners need to look for the presence of steganography
tools on the suspect’s computer. If no tools are discovered, possibly their artifacts
can be found in the registery. To aid in this process, there are some commercially
available tools that can detect the presence of steganography applications and their
artifacts."
|
|
07/11/2012:
|
Stealing Documents Through Social Media Image-Sharing -
Dark Reading
"Security researchers will unveil at Black Hat USA a new method of hiding sensitive
information in the encoding of seemingly safe images shared on social media sites
to avoid security mechanisms. The method employed by a new tool they developed called
SNScat can not only be used to exfiltrate data off networks without detection, but
to also run covert botnets through the type of social media network traffic allowed
by most businesses today. 'They are in near real-time executing the commands that
we give it and executing commands that we send to it easily -- just as you would
have done with any other remote access tool or RAT -- but now you don't see anything
different [on the network],' Sonya explains. 'Using steganography, we're embedding
our information into images [and] setting it onto the site. The implant downloads
images, extracts the commands from it, executes the commands, and either does what
you told it to or places messages back into images and back onto social networking
sites.'"
|
|
05/02/2012:
|
Steganography: How al-Qaeda Hid Secret Documents in a Porn Video
- Ars Technica
"When a suspected al-Qaeda member was arrested in Berlin in May of 2011, he was
found with a memory card with a password-protected folder—and the files within it
were hidden. But, as the German magazine Zeit reports, computer forensics experts
from the German Federal Criminal Police (BKA) eventually uncovered its contents—what
appeared to be a pornographic video called 'KickAss.'Within that video, they discovered
141 separate text files, containing what officials claim are documents detailing
al-Qaeda operations and plans for future operations—among them, three entitled 'Future
Works,' 'Lessons Learned,' and 'Report on Operations.' So just how does one store
a terrorist’s home study library in a pirated porn video file? In this case the
files had been hidden (unencrypted) within the video file through a well-known approach
for concealing messages in plain sight: steganography."
|