And so, the tools of the trade. Some of the most popular methods used by hacktivists like Bronc Buster and OXblood Ruffin:
A common hacktivist technique is hiding text in plain sight. The art, known as stenography, has been used for years. The hackers don’t exactly put the pictures in plain sight. Hackers and governments have long realized that it’s more of a parlor trick than a viable means of spreading the word. A prodigious high school student could hack into a site that way; it takes a dedicated cadre of super-hackers to create software that is only detectable by those persons that they want.
There are several different types of tools, some of them are tools to create the images, some to encode the images and hide them within web pages and some are to view them. In most cases, the pages look perfectly normal to anyone who isn’t looking out for it – even the government. With the proper software, however, an entirely new world of images opens up. These images block out existing text in many cases and spread the messages held by the hackers.
The following is a list of the tools of the trade, care of http://www.hackfaq.org/cryptology/steganography.shtml:
OutGuess is a universal steganographic tool that allows the insertion of hidden information into the redundant bits of data sources. The nature of the data source is irrelevant to the core of OutGuess. The program relies on data specific handlers that will extract redundant bits and write them back after modification. In this version the PNM and JPEG image formats are supported. In the next paragraphs, images will be used as concrete example of data objects, though OutGuess can use any kind of data, as long as a handler is provided.
F5 is a publically available steganography software package which hides messages in BMP, GIF, and JPG graphics.
Camera/Shy is the only steganographic tool that automatically scans for and delivers decrypted content straight from the Web. It is a stand-alone, Internet Explorer-based browser that leaves no trace on the user's system and has enhanced security.
JPHIDE and JPSEEK are programs which allow you to hide a file in a jpeg visual image. There are lots of versions of similar programs available on the internet but JPHIDE and JPSEEK are rather special. The design objective was not simply to hide a file but rather to do this in such a way that it is impossible to prove that the host file contains a hidden file. Given a typical visual image, a low insertion rate (under 5%) and the absence of the original file, it is not possible to conclude with any worthwhile certainty that the host file contains inserted data. As the insertion percentage increases the statistical nature of the jpeg coefficients differs from "normal" to the extent that it raises suspicion. Above 15% the effects begin to become visible to the naked eye. Of course some images are much better than others when used a host file - plenty of fine detail is good. A cloudless blue sky over a snow covered ski paradise is bad. A waterfall in a forest is probably ideal.
MP3Stego will hide information in MP3 files during the compression process. The data is first compressed, encrypted and then hidden in the MP3 bit stream. Although MP3Stego has been written with steganographic applications in mind it might be used as a copyright marking system for MP3 files (weak but still much better than the MPEG copyright flag defined by the standard). Any opponent can uncompress the bit stream and recompress it; this will delete the hidden information (actually this is the only attack we know yet) but at the expense of severe quality loss.
Steghide is a steganography program that is able to hide data in JPG, BMP, WAV, and AU files. The color frequencies are not changed thus making the embedding resistant against first-order statistical tests.
Hydan steganographically conceals a message into an executable. It exploits redundancy in the i386 instruction set by defining sets of functionally equivalent instructions. It then encodes information in machine code by using the appropriate instructions from each set. The executable filesize remains unchanged. The message is Blowfish encrypted with a user-supplied passphrase before being embedded.