lowmanio.co.uk title image

Articles with the tag: AES

Malware Steganography

Sun, 12 Apr 2015 02:56PM

6 years ago (yikes!) I wrote about image steganography as a concept. At the moment there are a couple of pieces of malware that use steganography, such as Vawtrak (aka Neverquest) and ZeuS, to hide the command and control servers (C&C) or configuration files in images. This means that the malware does not need to contain a static list of C&Cs which will become old quickly, but can just download an innocent looking image from the internet; decode the hidden message and then connect out. The advantages are that the image can be refreshed with C&C data without having to recompile the malware; and the images can be hidden in plain sight; e.g. on legitimate message boards.

Read full article

CyberForensics Conference 2014 - Day 2

Sat, 05 Jul 2014 10:21AM

With 1 comment

Day 2 was just as good as day one, here are the highlights:

Read full article