Published on: April 18, 2020
BY GENADY VISHNEVETSKY
Hackers – they’re both smart and sloppy at the same time. Previously we’ve talked about cybercriminals using toolkits and automated scripts to streamline their operations. This week, your favorite security team found another method being used: steganography.
Steganography is the practice of concealing a file, message, image or video within another file, message, image or video.
For instance, take a look at Figure 1 below. At first, nothing seems out of the ordinary. It looks like a standard phishing email with wiring instructions attached as an Adobe PDF file, with Priority Title as the beneficiary.
But wait, when you peel off the layers, there are two more wiring instructions placed underneath (Figure 2). Our guess is that the automation tool that generated the phishing email was compiling attachment documents from different banks and title companies to see what hits. That's clever but, as mentioned earlier, also sloppy. They should've protected their work so security analysts can't reverse-engineer their “cleverness.”
Regrettably, a lot of malicious tools have been commoditized and resold on the black market. Something that required skill five years ago can now be done through the user interface by an unsupervised teenager. It’s as simple as plugging in the list and off you go. That’s why you see a lot of spam and phishing emails that are poorly done. Fortunately for us, we can easily spot them. Thank you for staying vigilant.
As always, think before you click. Be safe.