Researchers warn of malware hidden in .zip files | InSecurity Complex – CNET News
April 14, 2010 4:17 PM PDT Researchers warn of malware hidden in .zip filesby Elinor Mills Font sizePrintE-mailShare15 comments Yahoo! BuzzShare21 (Credit: Black Hat) Security researchers have discovered flaws in common file formats, including .zip, which can be used to sneak malware onto computers by evading antivirus detection.
Eight vulnerabilities were found in .zip, supported by Microsoft Office, along with seven others in the .7zip, .rar, .cab and .gzip file formats, said Mario Vuksan, president of ReversingLabs Corp. The vulnerabilities could be used by attackers to hide malware that could then be slipped past antivirus software via an e-mail attachment and used to compromise a computer, he said. "The file goes straight through Gmail or Hotmail because it’s a trusted format," he added.
"Antivirus software can’t see the hidden payload. Once the file is opened the payload (or malware) is on the system."
In addition to being used to attack a computer, the vulnerabilities could be used for steganography, or hiding secret messages in otherwise innocent-looking files, according to Vuksan. Typically, steganography involves messages hidden in images and photos.