Virus with encrypted zip file - Important notify about your e-mail account.
Riad S. Wahby
rsw at jfet.org
Wed Mar 3 13:01:58 PST 2004
sunder <sunder at sunder.net> wrote:
> It attaches a zip file with a password containing an executable. (No
> worries, I've not run it, and only extracted it on a SPARC machine, so it
> can't use buffer overflows designed for intel in unzip -- if any exist.)
I believe it's called Bagle.J.
Lots of people allow .zip files through their virus scanners if
they're encrypted, since until now it was thought that no virus would
encrypt the .zip file. In fact, one popular way of sending
viruses/trojan horses/other malware to forensic mailing lists for
analysis and discussion is by putting it inside an encrypted .zip
file, preventing it from opening automatically or being identified by
virus scanners and bounced.
Clever clever.
--
Riad Wahby
rsw at jfet.org
MIT VI-2 M.Eng
More information about the cypherpunks-legacy
mailing list