What is Steganography and what are its popular techniques?

Imagine if you had the power to conceal information in plain sight. Well, this is indeed possible with the use of Steganography. Steganography is the process of hiding information, images, or audio messages inside another piece of information, image, or audio. Steganography is not a new term. It has been around since about 1500 and was first used by Johannes Trithemius in his book Steganographia.

What is Steganography in cybersecurity?

“Steganography is the technique of hiding secret data within an ordinary, non-secret, file or message in order to avoid detection; the secret data is then extracted at its destination.” – Tech Target

What is the use of Steganography?

There are many ways to conceal information using Steganography. The most common method is by embedding information into digital images. We all know that digital images say, a JPEG image, contains several megabytes of data in the form of pixels. This allows some room for someone to embed steganographic information within the digital file. With the use of steganographic applications, a hacker alters the least significant bits of the data file and embeds a malicious code into the image. Once the targeted user downloads and opens the image file in their computer, the malware is activated. Depending on its programming, the malware can now open a leeway for the attacker to gain control over the user’s device or network. The danger of Steganography is that the difference between the original image and the steganographic image is subtle and the two cannot be distinguished by the naked eye.

Is Steganography still used?

Yes, Steganography is still popular among cyber criminals. Recent attacks show that security researchers found a new malware campaign that used WAV audio files to hide their malware. It is believed that the attackers used Steganography to embed the malicious code inside the WAV audio file.

3 Techniques used in Steganography

1. Least Significant Bit

In this Steganography method, the attacker identifies the least significant bits of information in the carrier image and substitutes it with their secret message, in this case, malicious code. When the target downloads the carrier file, they introduce the malware into their computer which allows the attacker access to this device and the hack begins. Cybersecurity professionals commonly use sandboxes to detect these corrupt files. However, black hat hackers have invented various methods of bypassing sandboxes like sleep patching. Sleep patched malware is not easily detected by the sandbox since it poses as benign and buys time while studying the timing artifacts of the sandbox and executes when the sandbox is vulnerable.

2. Palette Based Technique

This technique also uses digital images as malware carriers. Here, the attackers first encrypt the message and then hide it in a stretched palette of the cover image. Even though this technique can carry a limited amount of data, it frustrates threat hunters since the malware is encrypted and takes a lot of time to decrypt.

3. Secure Cover Selection

This is a very complex technique where the cyber criminals compare the blocks of the carrier image to the blocks of their specific malware. If an image with the same blocks as the malware is found, it is chosen as the candidate to carry the malware. The identical malware blocks are then carefully fitted into the carrier image. The resulting image is identical to the original and the worst part is that this image is not flagged as a threat by detection software and applications.

These are just but a few methods by which black hat hackers frustrate ethical hackers using Steganography. Steganography allows attackers to operate in stealth mode while conducting a serious attack. Most of these attacks are zero-day exploits which give threat hunters sleepless nights. Some preventive measures against Steganography include the deployment of security patches, updating software, and educating end-users.

Receiving ethical hacking training from EC-Council will equip you with the knowledge and skill to learn how the adversaries are breaking into networks and wreaking havoc. Once professionally trained, you will receive the Certified Ethical Hacker (CEH) certification. This will show organizations that you are well-versed in over 340 attack technologies that are commonly used by black hat hackers and white hat hackers, alike.


Q. How do you decode Steganography?
To decode a hidden message from an image, just choose an image and hit the Decode button. Neither the image nor the message that has been hidden will be at any moment transmitted over the web, all the magic happens within your browser.
Q. What is Steganography and how it works?
The art and science of hiding information by embedding messages within other, seemingly harmless messages. Steganography works by replacing bits of useless or unused data in regular computer files (such as graphics, sound, text, HTML, or even floppy disks) with bits of different, invisible information.
Q. How is Steganography used today?
The most common form used today hides files within image files on a computer. The hidden file is encoded in the least significant bits of the values encoding the color of each pixel of the image.

Watch Now:

Learn the 5 Phases of Ethical Hacking

The Benefits of Creating Your Own Hacking Lab

get certified from ec-council
Write for Us