A disturbing trend is sweeping through messaging apps, with steganography scams on the rise, particularly targeting WhatsApp and Telegram users. As of June 8, 2025, cybercriminals are exploiting these popular platforms to deliver malware hidden in seemingly harmless images, posing a serious threat to your financial security and privacy. This stealthy tactic is gaining traction, and understanding its mechanics—and how to defend against it—is more critical than ever.
Table of contents
Open Table of contents
What’s Happening?
Steganography, an ancient technique revived for modern cybercrime, involves embedding malicious code within digital files like images, making it invisible to the naked eye. On WhatsApp and Telegram, scammers send these infected images, often from unknown numbers or compromised contacts, disguised as innocent photos or requests for help. Recent cases, such as the Jabalpur incident where a man lost ₹2 lakh after opening a malicious WhatsApp image, highlight how pervasive this threat has become. The same risk applies to Telegram, where the platform’s open nature and large user base—over 500 million monthly active users—make it equally vulnerable.
How It Works
The scam relies on a method called Least Significant Bit (LSB) steganography, where malware is concealed in the least significant pixels of an image file. Once you download or open the image, the hidden code activates silently, bypassing traditional security checks. No clicks on links or additional actions are needed—just opening the file is enough to infect your device. This malware can then steal sensitive data like banking credentials, OTPs, passwords, and even UPI details, sometimes granting remote access to hackers. The lack of immediate alerts or OTP prompts makes it especially insidious, as victims often don’t realize the breach until it’s too late.
The Devastating Impact
The consequences can be severe. Financial losses, as seen in the Jabalpur case and similar incidents across India, can reach lakhs of rupees within minutes as the malware drains bank accounts or authorizes unauthorized transactions. Beyond money, the breach can expose personal data, including messages and photos, or enable spyware to monitor your device. This trend aligns with broader reports of sophisticated cyberattacks leveraging social engineering, exploiting the trust users place in familiar apps like WhatsApp and Telegram.
How to Stay Safe
Protecting yourself is straightforward but requires vigilance:
- Avoid Unknown Images: Never open or download files from unknown or unverified contacts.
- Disable Auto-Downloads: In WhatsApp, go to Settings > Storage and Data > Media Auto-Download and turn off automatic downloads for all media types. Telegram offers a similar option under Settings > Data and Storage > Automatic Media Download—disable it there too.
- Update and Secure: Keep your apps and device software updated, and consider installing reputable antivirus software to detect anomalies.
- Educate Others: Share this awareness with friends and family, especially those less familiar with tech, to reduce collective risk.
While the establishment narrative often frames these apps as secure due to end-to-end encryption, this focus can downplay vulnerabilities in file handling, as seen with WhatsApp’s delayed patches for similar exploits. The reliance on user action to update apps or adjust settings also shifts responsibility away from platform providers, raising questions about their accountability.
A Growing Concern Worth Watching
The rise of steganography scams on WhatsApp and Telegram reflects a shift in cybercrime tactics, moving from obvious phishing links to stealthier, file-based attacks. With millions of users globally, the scale of potential impact is alarming, and the lack of robust platform-level defenses—like automatic file scanning—leaves users exposed. Stay proactive, follow these prevention steps, and keep an eye on updates from security experts as this threat evolves. Your digital safety depends on it!