A good exploit is one that is delivered in style”. My work over the past couple of years involves exploring new and innovative means of exploit delivery. My research involves using perfectly valid images (JPG, GIF, BMP, etc) to not only deliver exploits but also trigger them.
Stegosploit is the result of malicious exploit code hidden within pixels of the image carrying it. The image however, is a multi format container, which also contains the code required to decode the steganographically encoded pixels to execute the exploit. A single file can be rendered as a perfectly valid HTML file, executed as a perfectly valid Javascript file, and displayed as a perfectly valid image, all at the same time.
Exploit delivery therefore happens through transmission of pure images. No known means of malware detection have been able to successfully identify these images.