A security researcher has discovered a novel steganography technique for hiding data inside a Portable Network Graphics (.PNG) image file posted on Twitter, a tactic that could be exploited by threat actors to hide malicious activity.
Researcher David Buchanan heralded his discovery on Twitter earlier this week, accompanied by a photo declaring: “Save this image and change the extension to .zip!”
He made the source code for his method available in a ZIP/PNG file attached to the image as well as on a post on GitHub that explains his methodology.
Read more…
Source: ThreatPost