“Operation Shady RAT” targeted cyberespionage hacks hid some of their activities behind digital images. Steganography is a relatively rarely deployed technique for hiding malicious code or data behind image files. The attacks started with legitimate-looking phishing emails that contained a link to a malicious file or URL. In one case, Defense contractors were targeted with a phishing email that had a real list of high-level defense industry executives who attended a recent Intelligence Advanced Research Projects Activity (IARPA) event.”]
Source: https://www.darkreading.com/attacks-breaches/-operation-shady-rat-attackers-employed-steganography