It is as old as effective technique in order to hide messages between two interlocutors.
The message submitted to this technique appears to the reader as an image, a text or a list which are a “coverage” of the real message. Basically, the original message, which is usually put in a harmless box, is usually defined as “carrier”, of common use and which does not arise, at the first sight, to be suspicious.
In contrast with the encryption, which mixes the different parts of the message till it becomes incomprehensible if you do not have a key in order to decrypt it, the aim of the steganography is keep away eyes from the existence of the message by hiding it.
And like other methods for the managing of information, also the steganography is used in digital technologies.
One of the main useful carriers is made up by multimedial files (images, audios, videos and so on). The secret information can be written in metadata or directly inside the main content.
By the point of view of security systems and those who, in working, controls the traffic at the entrance and at the exit the online loading of multimedia files does not arise suspicious. Modern steganographers cannot hide viruses or other malicious programmes in multimedia files, but can write code strings, for instance, to add a malicious function to utilities and operating system processes, to harmless programmes or programmes created for legitimate purposes (which have already been scanned by an antivirus program and are considered safe) and turn them into malware.
How to defend against this type of attack? It is essential to have an up-to-date antivirus and firewall system, so that it can identify known corrupted media files. It is also important to have an advanced Antivirus and Firewall system, which allows malware detection based on behavioural analysis. By studying the ‘behaviour’ of programmes while they are running, if software that has hitherto been harmless behaves suspiciously, it will be detected and blocked.
SOURCE: FEDERPRIVACY