Hiding data using packet headers

Do some research and provide an actual example of a header being modified and your thoughts on how it was implemented. This can be an actual malware case, breach, white paper, or other similar examples. For your example, can you think of any ways that it might be prevented or detected?