More information about last week’s “Shady Rat” hacks continues to be uncovered, including reports that the attackers behind the hack used digital images to obscure their activities.
Researchers at Symantec analyzing the attacks found images were hiding code that enabled communication back and forth with infected machines and a command-and-control (C&C) server, according to a report from DarkReading.
The report, based on a recent Symantec blog post, studied several images including one of a woman in a hat and another of a seacoast scene that contained commands that for all intensive purposes were naked to the human eye. Using steganography, the science of writing messages in a way that only the sender and intended recipient can see, the attacker encoded encrypted HTML commands into the images.
Operation Shady Rat was the name given to an ongoing series of cyber attacks conducted worldwide that affected 70 different corporations over the last five years. McAfee revealed the attack last week following the culmination of an in-depth analysis on one of the attack’s C&C servers.