What is steganography in the context of data exfiltration?

Steganography in data exfiltration is about concealing the presence of a data transfer by hiding the payload inside a benign-looking file. Attackers tuck the exfiltrated data into ordinary files—such as images, audio, video, or documents—so that the file appears normal and the transfer isn’t obvious. For example, small bits of the hidden data can be embedded in the least significant bits of image pixels or within metadata, making the exfiltration blend in with ordinary traffic. This is why it’s the best answer: it specifically describes hiding data inside other files to avoid detection, rather than merely protecting the content or attempting to erase traces. Encrypting the data protects confidentiality but doesn’t hide that a transfer is occurring; compression reduces size but doesn’t conceal the activity; deleting data is about deletion, not stealthy exfiltration.