How Hackers Use Steganography to Evade Detection

Have you ever wondered how hackers, journalists, insiders, and others exfiltrate data without getting caught? It is a fascinating and often unsettling aspect of modern technology and information security. Sometimes their laptops and storage devices are searched by security personnel, and yet nothing is found.

If you think they hid the information, you are right: they use a range of methods and tools to keep the data from being discovered. Encryption protects the content of the data, and steganography hides the fact that there is any hidden data at all; together they let someone obscure their tracks and avoid being caught.

In previous posts we have talked about encryption. In simple terms, it converts data into something unreadable. Once the correct decryption key is supplied, the data is restored to its original state and the intended recipient can read its content. Note that an encrypted file is still visibly a file: anyone looking at the disk can see that something is there, even if they cannot read it.

Today we will explore the concept of steganography. "Simply put, steganography is the practice of 'hiding in plain sight.' Steganography encodes a secret message within another non-secret object in such a manner as to make the message imperceptible to those who aren't aware of its presence. Of course, because of this secrecy, steganography generally requires the recipient to be aware that a message is forthcoming."

Installation

There is no better way to learn something than by actually doing it. As you may have guessed, there are multiple tools for steganography. Here we will use "stegosuite" to hide a secret message inside an image.

On a Debian- or Ubuntu-based distribution, type the following command in your terminal to install stegosuite:

sudo apt install stegosuite

Stegosuite

After installation, open your terminal and type stegosuite gui. You should see a window similar to the screenshot below.

Now choose the picture in which you want to hide the secret data. You can browse for it or drag it into the stegosuite window.

In the screenshot below, the top box is where you type or paste the data that will be hidden inside the image. The bottom box is for the key: it can be a number, a word, or a passphrase, and the same key will be needed to get the data back out. To finish hiding the data, click "Embed".

If you are curious like me, you will want to know what happened to the original image. The screenshot below highlights in red and green the pixels that were changed. Both images look identical to the human eye; this view exists only so you can see what happened to the picture.

To extract the data, run stegosuite gui again. This time drag and drop the embedded image into the stegosuite window (or browse for it), type the key you used before into the bottom box, and click "Extract".

If the key is correct, the hidden data appears in the top box after you click "Extract". The stegosuite GUI makes hiding and extracting information in an image very simple.

Hackers are resourceful and creative. They use steganography not only to exfiltrate stolen data but also to smuggle malicious payloads past the security controls an organization has in place, since an image that looks like any other image rarely gets a second look.

One way to check whether an image is hiding something is to compare its file size with the original, if you have the original. This is a weak indicator, though: tools like stegosuite modify existing pixel values (the red and green pixels in the screenshot above) rather than appending data, so an uncompressed image keeps exactly the same size, and a compressed one such as a PNG may change only slightly. A size difference is a hint, not proof, and a large picture is not suspicious on its own. Stronger checks are comparing a hash of the file against a known-good copy, and looking at the least significant bits of the pixels: in an ordinary image they are not uniformly random, while an embedded encrypted payload makes them look like random noise.
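To make the embed/extract procedure above and the size-check caveat concrete, here is a small added example written for this post. It is not stegosuite's code: it does least-significant-bit embedding on a flat array of 8-bit pixel samples, uses a toy SHA-256-based XOR keystream as a stand-in for real encryption, and includes a 4-byte check value so a wrong key is rejected instead of returning garbage. The cover "image" is constructed random data (labelled as such in the code) so the script runs with only the standard library; with Pillow you could feed it real samples from Image.open(path).tobytes() instead. It also reports the number of changed samples (what the red/green diff view shows) and the ratio of 1-bits in the LSB plane, which is the kind of statistic a defender would look at instead of file size.

```python
"""Toy LSB image steganography with a keyed payload, plus two defender checks.

Added example for this post, not stegosuite's code. The keystream is a SHA-256
stand-in for real encryption, and the cover is constructed sample data, not a
decoded PNG/BMP, so everything runs offline with the standard library only.
"""
import hashlib
import random
import struct


def keystream(key: str, length: int) -> bytes:
    """Toy keystream: SHA-256(passphrase || counter) blocks, concatenated."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key.encode() + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def _tag(key: str, message: bytes) -> bytes:
    """4-byte check value so a wrong key is detected rather than returning noise."""
    return hashlib.sha256(b"tag|" + key.encode() + b"|" + message).digest()[:4]


def embed(cover: bytes, message: bytes, key: str) -> bytes:
    """Return a copy of `cover` whose LSBs carry [len][message][tag], XORed."""
    payload = struct.pack(">I", len(message)) + message + _tag(key, message)
    payload = bytes(p ^ k for p, k in zip(payload, keystream(key, len(payload))))
    if len(payload) * 8 > len(cover):
        raise ValueError("message too long for this cover")
    stego = bytearray(cover)
    for i, byte in enumerate(payload):
        for bit in range(8):  # one payload bit per sample, MSB first
            idx = i * 8 + bit
            stego[idx] = (stego[idx] & 0xFE) | ((byte >> (7 - bit)) & 1)
    return bytes(stego)


def _read_bytes(samples: bytes, nbytes: int, offset: int = 0) -> bytes:
    """Reassemble bytes from the LSBs of `samples`, starting at sample `offset`."""
    return bytes(
        sum((samples[offset + i * 8 + bit] & 1) << (7 - bit) for bit in range(8))
        for i in range(nbytes))


def extract(stego: bytes, key: str) -> bytes:
    """Recover the message; raises ValueError for a wrong key or an untouched image."""
    ks = keystream(key, len(stego) // 8)
    header = bytes(a ^ b for a, b in zip(_read_bytes(stego, 4), ks[:4]))
    length = struct.unpack(">I", header)[0]
    if (4 + length + 4) * 8 > len(stego):
        raise ValueError("no payload for this key")
    body = _read_bytes(stego, length + 4, offset=32)
    body = bytes(a ^ b for a, b in zip(body, ks[4:4 + length + 4]))
    message, tag = body[:length], body[length:]
    if tag != _tag(key, message):
        raise ValueError("no payload for this key")
    return message


def changed_samples(cover: bytes, stego: bytes) -> int:
    """How many samples differ: the pixels a red/green diff view would colour."""
    return sum(a != b for a, b in zip(cover, stego))


def lsb_ones_ratio(samples: bytes) -> float:
    """Fraction of samples whose LSB is 1. An encrypted payload pushes this
    toward 0.5; untouched image data is usually skewed away from it."""
    return sum(s & 1 for s in samples) / len(samples)


def make_cover(n_samples: int, seed: int = 1) -> bytes:
    """Constructed stand-in for decoded RGB samples (not a real photo): random
    bytes whose LSB is 1 only 20% of the time, so the LSB plane is not uniform."""
    rng = random.Random(seed)
    return bytes((rng.randrange(256) & 0xFE) | (rng.random() < 0.2)
                 for _ in range(n_samples))


COVER = make_cover(64 * 64 * 3)             # 12288 samples, like a 64x64 RGB image
SECRET = b"meet at the usual place; " * 60   # 1500 bytes, fills ~98% of capacity
KEY = "correct horse battery staple"


def demo() -> dict:
    stego = embed(COVER, SECRET, KEY)
    return {
        "roundtrip_ok": extract(stego, KEY) == SECRET,
        "same_size": len(stego) == len(COVER),   # nothing appended: size unchanged
        "changed_samples": changed_samples(COVER, stego),
        "cover_lsb_ratio": round(lsb_ones_ratio(COVER), 3),
        "stego_lsb_ratio": round(lsb_ones_ratio(stego), 3),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Running it shows the stego copy has exactly the same number of bytes as the cover, roughly half of the payload's samples changed by one unit, and the LSB ratio jumping from about 0.2 to about 0.5. That last number is the tell: file size says nothing, while the LSB plane of the stego image looks like coin flips. Real steganalysis tools refine this idea (chi-square tests on pairs of pixel values, sample-pair analysis), but the principle is the same.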

