Exploiting social media sites for command-and-control (C2) has been growing in popularity in the past few years. But both Good and Bad guys have privacy concerns about their communication methods. Discoverable encryption may not always be the answer. By using image stenography we hide command-and-control messages in plain sight within digital images posted to the social media site Instagram. In this presentation, we will demo Instegogram as well as discuss how to detect and prevent it.
Amanda absolutely loves malware. She works as a Malware Researcher at Endgame who focuses on dynamic behavior detection both on Windows and OSX platforms. @_Amanda_33
Hyrum Anderson is a data scientist at Endgame who researches problems in adversarial machine learning and deploys solutions for large scale malware classification. He received a PhD in signal processing and machine learning from the University of Washington. @drhyrum
Daniel Grant is a data scientist at Endgame focusing on behavioral analysis and anomaly detection. He received a MS in Operations Research from Georgia Tech and likes building things that find bad guys when they are being sneaky.