Abstract:
Deep learning models are now widely used for automatic modulation recognition of wireless signals, but they have a security vulnerability: an attacker can tamper with model parameters by injecting perturbations into the training data, thereby implanting a backdoor. When an input contains the preset trigger, the backdoor activates and biases the output in a directed way, creating a security risk. To explore the security flaws of modulation classification models in depth, this paper proposes a new adaptive steganography poisoning attack method. Building on information steganography techniques and the time-frequency domain characteristics of wireless signals, it designs an adaptive steganography trigger generator network that adaptively learns trigger patterns while implanting the corresponding backdoors into the target model. In addition, to improve the stealthiness of the attack and reduce the degradation of the model's normal performance caused by the attack, a bootstrap loss based on knowledge distillation is introduced into the poisoning training process; this reduces the loss of normal accuracy and improves the covertness of the attack. Experiments show that the method outperforms existing attack methods in both attack efficiency and covertness and can effectively resist advanced poisoning defenses; finally, its attack robustness in multiple scenarios is verified.