A 28-year-old man from Maharashtra was scammed out of over Rs 2 lakh after downloading an image from an unknown number on WhatsApp. The image, which appeared to be a harmless photo of an elderly person, turned out to be part of an advanced hacking scam utilizing a technique called steganography.
Pradeep Jain received a call and message from an unknown number early in the morning, followed by a WhatsApp message containing an image and a question: “Do you know this person?” Though initially skeptical, Jain eventually downloaded the image around 1:35 PM after receiving repeated calls. In a shocking turn of events, Rs 2.01 lakh was withdrawn from his Canara Bank account through an ATM in Hyderabad just moments later. The scammers even managed to impersonate Jain’s voice during the bank’s attempt to verify the transaction.
Experts later revealed that the scam was executed using Least Significant Bit (LSB) steganography, a method that hides malicious code inside seemingly innocent files like images or PDFs. Unlike traditional viruses, these hidden payloads remain undetected by antivirus software and only activate once the file is opened.
Cybersecurity experts explained that steganography manipulates tiny data bits within the file, allowing hackers to install malware unnoticed. Such files often appear safe and pass through security systems, making it harder for both users and security software to detect any threat.
Cyber experts recommend several precautions to prevent falling victim to such attacks, including avoiding downloads from unknown numbers, disabling WhatsApp’s auto-download feature, regularly updating phone security, and never sharing OTPs. WhatsApp has also acknowledged these evolving scams, encouraging users to be cautious and use security features like context cards and the ability to block and report suspicious accounts.
This incident highlights the growing sophistication of cybercriminals and the need for greater vigilance when receiving unsolicited media on platforms like WhatsApp.
