I have been working in image processing and AI for the last 20 years. I have the computation power at my hands and I am willing to help, but I lack time for the coming 2-3 weeks.
First thing I would do is gather the relevant images and set up a conda environment to write a few Python scripts. I assume they did not use steganography on PNG/BMP type files, which rules out any information being hidden in the least significant bits in a pixelwise fashion.
My hypothesis would be that any messages would be encoded in the factors of the discrete cosine transform that encode each 8x8 block of pixels. First order of business would be to have a look at those. There are tools out there to do this. Depending on their output, I would wrap these (command line) tools with a Python script, so I can quickly use many different settings on large amounts of images.
However, one must not forget that simply changing the DCT factors has proven to be easily detectable, such that more advanced ways of DCT encoding have been developed. I am sure tools exist for that, but it may make things very difficult.
Once a message has been detected in an image, once must assume the message is encrypted, at which point a dictionary attack in addition to a common MAGA phrase list, could potentially work to decrypt the message.
I will look into pixelknot and see if I can make a little time to do some tests.
I have been working in image processing and AI for the last 20 years. I have the computation power at my hands and I am willing to help, but I lack time for the coming 2-3 weeks.
First thing I would do is gather the relevant images and set up a conda environment to write a few Python scripts. I assume they did not use steganography on PNG/BMP type files, which rules out any information being hidden in the least significant bits in a pixelwise fashion.
My hypothesis would be that any messages would be encoded in the factors of the discrete cosine transform that encode each 8x8 block of pixels. First order of business would be to have a look at those. There are tools out there to do this. Depending on their output, I would wrap these (command line) tools with a Python script, so I can quickly use many different settings on large amounts of images.
However, one must not forget that simply changing the DCT factors has proven to be easily detectable, such that more advanced ways of DCT encoding have been developed. I am sure tools exist for that, but it may make things very difficult.
Once a message has been detected in an image, once must assume the message is encrypted, at which point a dictionary attack in addition to a common MAGA phrase list, could potentially work to decrypt the message.
I will look into pixelknot and see if I can make a little time to do some tests.