Dell SecureWorks uncovers trojan that hides in image files
L33tdawg: Saumil Shah's Stegosploit in the wild!
A stealthy modular version of the Stegoloader banking trojan is spreading through malicious PNG files, according to researchers at Dell SecureWorks' Counter Threat Unit (CTU).
The CTU researchers reported uncovering the variant in a threat advisory, warning that the malware has an advanced modular architecture capable of dodging many traditional security tools.
"Malware authors are evolving their techniques to evade network and host-based detection mechanisms. Stegoloader could represent an emerging trend in malware: the use of digital steganography to hide malicious code," read the advisory. "Stegoloader has a modular design and uses digital steganography to hide its main module's code inside a PNG image downloaded from a legitimate website."