
Just looking at an image online could infect your system

Stegosploit is a technique developed by security researcher Saumil Shah and presented at the 2015 Hack in the Box conference held in Amsterdam. Using this method, hackers can infect your system simply by making you load an image on the Internet. You don't even have to click or download the image for this technique to work. The malicious code embedded inside the pixels of a JPEG or PNG image launches automatically when it detects that the full image has been loaded on the victim's machine. So, how can you tell the difference between an infected image and a normal everyday image? Well, to put it simply, you can't with the naked eye. Pictures that carry such code do not look any different from other images.


It's very important to note that there have been no reports that prove the use of Stegosploit in real-world breaches. But this does not mean that it won't be used. Using this technique, hackers can accomplish practically anything, such as stealing the victim's personal data, modifying files, or opening a backdoor for other malware. It's only a matter of time before hackers start using more creative techniques such as Stegosploit to deliver malware. Make sure to keep your browsers, OS, and software patched and up to date, and always avoid clicking links in emails to view images, especially when they are from an unknown or unwanted source.
