A sneaky new steganography malware is exploiting Microsoft Word
Hackers have been observed using steganography to target hundreds of organizations in Latin America with infostealers, remote access trojans (RAT), and more.
The campaign, dubbed SteganoArmor, was discovered by researchers from Positive Technologies.
For those unfamiliar with steganography, it’s a technique of hiding data inside benign files. Hackers use it to hide malware in JPG and similar files, and thus bypass email security solutions. As per the researchers, a threat actor dubbed TA558 sent out hundreds of phishing emails, through which they shared Microsoft Word and Excel files. These files exploit a seven-year-old flaw tracked as CVE-2017-1182. To minimize the chances of the emails being picked up by email security solutions, they were sent from compromised SMTP servers.