Steganography Secrets: Malware Hidden in Plain Sight
The blog explains how threat actors use steganography to hide malware inside harmless-looking image files, helping them evade security tools and deliver malware like Remcos RAT, Agent Tesla, and XWorm through phishing campaigns. These attacks often use multi-stage infection chains involving JavaScript droppers and .NET loaders that execute malware directly in memory to avoid detection. The report also highlights the growing abuse of image hosting sites such as archive[.]org and notes that m...