
This Emerging Malware Sends Secret Messages and Is Practically Impossible to Detect


As if computer malware that steals your data weren’t enough, now there’s a new kind to worry about: Malware that does it via covert messages that are practically impossible to detect. And it’s becoming more prevalent, according to a new paper by researchers at the Warsaw University of Technology, the National Research Council of Italy, and Fraunhofer FKIE, a private information security research institute.

The malware is a modern take on steganography, an old technique of hiding secret messages in apparently innocuous texts. This new so-called “network steganography” works by cramming extra information into the data packets that travel across networks when we use the internet.

Steganography is useful when it’s important to obscure not only the content of a message, but the fact that a message exists at all, making it hard for law-enforcement agencies to detect. In digital form, it can be useful for good causes—for example, allowing a journalist facing censorship to communicate without attracting attention. But more often it has been used to infect computers and secretly steal data, or as a communication tool for criminal organizations.

One such organization was the pedophilia ring known as the “Shadowz Brotherhood,” which was uncovered in 2002. It used an older steganographic method of encrypting data and storing it in apparently innocent image files. Modern network steganography could be even more difficult to detect, because unlike image files, the network packets that contain the secret messages are often deleted automatically, leaving no footprints to examine.

Since most of what we know about steganographic methods comes from researchers, not criminals, it’s hard to know how widespread the malware is on the Internet. What little we do know comes from the attacks that are exposed, such as a 2008 theft of financial data from the US Department of Justice and a piece of malware called Duqu discovered infecting computers in 2011 by researchers in Budapest. But these attacks were still more primitive than the techniques the new paper describes.

To make matters worse, there are potentially hundreds of steganographic methods that network technology makes possible—from sending data over a voice service like Skype during pauses in a conversation, to tacking extra words on to Google search suggestions, to communicating via precise patterns of smartphone vibrations. That makes security difficult to tackle, the researchers say. The paper concludes with a pessimistic whimper: “A problematic aspect in this regard is the lack of effective and universal countermeasures,” it says. “We therefore deduce a need for additional research … that will lead to improved countermeasures.”

Reprinted with permission from Quartz.
