I've been working on addressing the exfiltration leg as well as the other legs of the lethal trifecta in my OrcaBot [0][1] platform and I thought I had it mostly covered with the help of a network snitch and egress allowlist until I read these comments.
replyDomain fronting and Steganography in commits to public repos are not solved and probably in all honesty not completely solvable. I wonder if this well end up like in banking where no bank can completely eliminate fraud. I've got some ideas to do bank like fraud detection within OrcaBot now so might be able to limit the impact a little. Thank you!