6 years ago (yikes!) I wrote about image steganography as a concept. At the moment there are a couple of pieces of malware that use steganography, such as Vawtrak (aka Neverquest) and ZeuS, to hide the command and control servers (C&C) or configuration files in images. This means that the malware does not need to contain a static list of C&Cs which will become old quickly, but can just download an innocent looking image from the internet; decode the hidden message and then connect out. The advantages are that the image can be refreshed with C&C data without having to recompile the malware; and the images can be hidden in plain sight; e.g. on legitimate message boards.
Steganography is the art of hiding something in something else in plain sight. Usually images or text are hidden within other images or sound files. For example, in the image below of trees there is an image of a cat hidden inside it. Wikipedia explains that for each component of each RGB value, if you take just the last 2 bits of it and then turn the brightness up 85%, you get a picture of the cat. The whole point is so the image of the trees looks identical to an image of the trees without an image hidden inside to the human eye.
python foodies Data Protection Act Moroccan cuisine nudge theory naughty bunny chocolate art gallery security résumé confirmation bias readability Machame camp Mesh computers Google iPod Touch shoes risk kill chain Facebook chat Firefox The Balmoral comedy Myxomatosis government exhibition retro thumbs.db Art Attack PostgreSQL The cloud ADS sewing foreman gig Shira camp cybercrime GPU counting Mweke conference risotto quantitative Mini forensics challenge exams stand-up Woodilee Vista rabbit nutrition SQLAlchemy cheatsheet wifi paintings statistics File tunnelling web browser forensics holiday ACPO lectures bacon