Stegobot is a proof of concept new-generation botnet where bots communicate over unobservable communication channels. It is designed to spread via social-malware attacks and steal information from its victims. Unlike conventional botnets, Stegobot traffic does not introduce new communication endpoints between bots. Command and control information as well as stolen sensitive information are relayed using steganographic techniques piggybacking over the image sharing behavior of users in a social network. Hence stolen information travels along the edges of the victims' social network. The current implementation is based on a simple routing algorithm called restricted flooding. The tuning of the steganographic channels is a key security parameter. It works surprisingly well in real world experimental deployments; even when tuned very conservatively (against detection) it is capable of channeling sensitive payloads of close to 100MB to the botmaster. See press coverage in the New Scientist, MSNBC, Times of India, and a few others.