Cyware: Attackers are using polyglot images in malvertising attacks to hide their malicious payloads
Researchers from DEVCON have observed a group of malvertisers using polyglot images to hide malicious ad payloads.
Why it matters - We have been familiar with attackers using steganography technique to hide malicious payloads inside images. However, Polyglot images are different from Steganographic images.
Steganography hides malware in an image by altering a few pixels in the image which makes it difficult to detect.
Additionally, polyglot images do not require an external script to extract the payload.