Warning: Hackers Now Hide Malware in Images, HP Warns

Cybercriminals are stepping up their game — and it’s getting scary. A new HP Threat Insights Report says hackers are now stuffing malware into image files and trusted apps to sneak past traditional security tools.

These attackers aren’t inventing anything new, but they’re polishing old tricks like phishing, reverse shells, and living-off-the-land (using legit system tools for attacks) in ways that make them harder to catch.

One campaign even disguised malware as a fake Adobe Acrobat invoice, complete with a phony loading bar. Another buried malicious code in image pixels hidden inside project documents. HP researchers also flagged a resurgence of the notorious Lumma Stealer malware, now spreading through .IMG archives.

HP’s Alex Holland explained: “Living-off-the-land, reverse shells and phishing have been around for decades, but today’s threat actors are sharpening these methods… It’s simple, fast and often slips under the radar because it’s so basic.”

Why does this matter for Nigeria? With cyber-attacks rising by 34% locally this year, and over 152,000 accounts leaked, these new tricks mean individuals, businesses, and even government systems must step up cyber hygiene.

HP recommends layered defense strategies like containment and isolation, since even the best detection tools can miss some threats.

The big picture? Hackers are no longer brute-forcing their way in — they’re blending in. And unless security catches up, more systems could get silently compromised.

Do you think Nigerian companies are ready for this level of cyber deception, or are we still playing catch-up?