new nasty email virus trick to bypass scanners
OK, here is a nasty virus trick. The message gets sent in a password protected zip file. The text of the messages says here are my pics and enter in the passwd xxxx to view the archive. The big problem is that normal avscanners cannot open the zip file to scan the contents since it is password protected. However, the user can be easily socially engineered to open the file and blam. The text of the message is nice and enticing making it look like private email with dirty pictures accidentally sent to the user... ---Mike -------------------------------------------------------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet since 1994 www.sentex.net Cambridge, Ontario Canada www.sentex.net/mike
In message <6.0.1.1.0.20031203171513.089a6c00@209.112.4.2>, Mike Tancsa writes:
OK, here is a nasty virus trick. The message gets sent in a password protected zip file. The text of the messages says here are my pics and enter in the passwd xxxx to view the archive.
Is this in the wild yet? Any other details worth looking for? Symantec's AV site apparently has nothing on it. --Steve Bellovin, http://www.research.att.com/~smb
participants (2)
-
Mike Tancsa
-
Steven M. Bellovin