The seemingly innocuous aut-complete feature used by Google and other search engines could be subverted for espionage.
In a recent study undertaken at Warsaw University of Technology in Poland suggests another key benefit of this feature. According to Wojciech Mazurczyk, a steganography specialist in Warsaw University the autocomplete feature in Google can be used by spies and terrorists to communicate with one another through hidden messages, New Scientist reports.
The research team infected a target computer with a malware known as ‘StegSuggest’ which intercepts autocomplete results between the user and the search engine. This malware adds an additional word after the first 10 suggestions that usually pop up while searching.
The last word is usually chosen from a list of 4000 most used words in English to avoid suspicion. The recipient can search random words and collect the eleventh word and later look for it in a codebook. Each suggested word has a 10 bit binary number which can be read through a different program to reveal the hidden message.
Cryptographers have pointed out that the amount of data being altered could raise a red flag that leads to the spies getting caught, or to their messages being intercepted.