6.5 HIGH

OilRig Hides C2 Configuration in Google Drive Image Using LSB Steganography

📅 28 April 2026 at 07:13 UTC · 📰 Cyber Security News

A well-known Iranian state-sponsored hacking group called OilRig, also tracked as APT34 and Helix Kitten, has been found hiding its command-and-control (C2) server configuration inside a regular-looking image file stored on Google Drive. The threat group used a technique called LSB (Least Significant Bit) steganography to quietly embed encrypted data into a PNG image, making […]

🤖 AI Briefing: Auto-generated threat analysis

🔍 Threat Overview

OilRig, an Iranian state-sponsored hacking group, hid its C2 server configuration in a Google Drive image using LSB Steganography, evading detection and increasing stealth.

⚙️ Technical Details
Affected Systems: Google Drive
Attack Vectors: LSB Steganography

💥 Impact Assessment
Severity: high
Who Is at Risk: Organizations with access to Google Drive and potential targets of OilRig's operations

🛡️ Recommended Actions
1. Monitor Google Drive for suspicious image uploads
2. Implement LSB Steganography detection tools
3. Regularly update antivirus software to detect steganographic malware
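
One way to approach the LSB detection recommended above, as an added example that is not taken from the article or from any tool it names: a pairs-of-values chi-square check over the decoded sample bytes of one colour channel. The function names, the threshold of 3.0 and both sample buffers are assumptions constructed for illustration; decoding the PNG into channel bytes is assumed to happen elsewhere.

```python
import random
from collections import Counter

def pov_chi_square_ratio(samples: bytes, min_pair_count: int = 10) -> float:
    """Pairs-of-values chi-square statistic divided by its degrees of freedom.

    Overwriting LSBs with random-looking bits (encrypted data looks random)
    equalises the counts of each value pair (2k, 2k+1), pulling the ratio
    towards 1. Data whose LSBs were not overwritten often scores much higher.
    """
    hist = Counter(samples)
    chi2, dof = 0.0, 0
    for even in range(0, 256, 2):
        n_even, n_odd = hist[even], hist[even + 1]
        if n_even + n_odd < min_pair_count:
            continue  # too few samples in this pair for a stable estimate
        chi2 += (n_even - n_odd) ** 2 / (n_even + n_odd)
        dof += 1
    return chi2 / dof if dof else float("inf")

def looks_lsb_embedded(samples: bytes, threshold: float = 3.0) -> bool:
    """Flag a channel for analyst review; the threshold is an assumed starting point."""
    return pov_chi_square_ratio(samples) < threshold

def make_cover(n: int = 50_000, seed: int = 1) -> bytes:
    """Constructed stand-in for one decoded colour channel (not a real image)."""
    rng = random.Random(seed)
    return bytes(min(255, max(0, int(rng.gauss(128, 4)))) for _ in range(n))

def with_random_lsbs(cover: bytes, seed: int = 2) -> bytes:
    """Constructed test sample: every LSB replaced by a random bit."""
    rng = random.Random(seed)
    return bytes((v & 0xFE) | rng.getrandbits(1) for v in cover)

if __name__ == "__main__":
    cover = make_cover()
    for name, data in (("cover", cover), ("random LSBs", with_random_lsbs(cover))):
        print(f"{name:12s} ratio={pov_chi_square_ratio(data):8.2f} "
              f"flag={looks_lsb_embedded(data)}")
```

A short payload touches only part of an image, so the ratio is more useful when computed over successive windows of samples than over the whole channel at once.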

This is a curated summary. The complete article is available at Cyber Security News.