San Francisco, November 12, 2024 — Cybercriminals exploit ZIP file concatenation to hide Trojans from detection tools, delivering malware like SmokeLoader through phishing emails disguised as harmless attachments.
A clever new method in the cybercriminal arsenal is exploiting the flexible structure of ZIP files to conceal malware, bypassing traditional security detection. Researchers at Perception Point revealed that attackers are using a technique called “concatenation” to hide Trojan malware inside ZIP files, deceiving even some of the most robust anti-malware tools.
Arthur Vaiselbuh, a Windows internals engineer, explained the technique’s advantage:
“ZIP concatenation enables attackers to bury malware in layers, making detection by conventional tools much more challenging.”
In a recent campaign, attackers sent phishing emails with malicious attachments disguised as shipping documents, labeled with high-priority tags to lure unsuspecting users. These ZIP files, which appear as benign attachments, actually hold concealed malicious files that are only revealed by certain archive tools.
Testing by Perception Point found that while tools like WinRAR could detect the hidden files, others like 7-Zip often failed to expose the full content of concatenated ZIPs. This inconsistency gives cybercriminals an upper hand in evading detection. Peleg Cabra, a product marketing manager, emphasized the danger:
“Different ZIP readers handle concatenation in varied ways, leaving critical gaps for exploitation in many security setups.”
The primary target of this trick is unsuspecting users who download what they believe to be safe files, unknowingly unleashing malware. For organizations, experts recommend using advanced security solutions capable of deep file analysis to detect such threats and reviewing email security policies.
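A defender-side check for the concatenation described above, as an added example that is not from Perception Point or the original article: it counts validated End of Central Directory (EOCD) records, and more than one means the file holds several archives that different readers may list differently. The sample archive, file names and function names are constructed for illustration, and Zip64 and empty archives are assumed out of scope.

```python
import io
import struct
import zipfile

EOCD_SIG = b"PK\x05\x06"   # End of Central Directory record
CDH_SIG = b"PK\x01\x02"    # central directory file header
EOCD_FMT = "<4s4H2LH"      # fixed 22-byte EOCD layout


def find_archives(data: bytes) -> list:
    """Return one dict per validated EOCD record found in data."""
    found = []
    pos = data.find(EOCD_SIG)
    while pos != -1:
        if pos + 22 <= len(data):
            (_sig, _disk, _cd_disk, _on_disk, total,
             cd_size, _cd_off, comment_len) = struct.unpack_from(EOCD_FMT, data, pos)
            cd_start = pos - cd_size
            fits = cd_start >= 0 and pos + 22 + comment_len <= len(data)
            # Assumption: the central directory sits directly before its EOCD
            # (true for ordinary non-Zip64 archives). Checking for its header
            # rejects stray signature bytes inside file data.
            if fits and data[cd_start:cd_start + 4] == CDH_SIG:
                found.append({"eocd_offset": pos, "entries": total})
        pos = data.find(EOCD_SIG, pos + 1)
    return found


def is_concatenated(data: bytes) -> bool:
    """True when the buffer contains more than one complete ZIP archive."""
    return len(find_archives(data)) > 1


def last_archive_names(data: bytes) -> list:
    """Names listed by Python's zipfile, which trusts only the final EOCD."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return zf.namelist()


def make_zip(name: str, body: bytes) -> bytes:
    """Build a one-file archive in memory (sample data helper)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(name, body)
    return buf.getvalue()


# Constructed sample: two harmless archives joined back to back.
SAMPLE = make_zip("invoice.txt", b"benign decoy\n") + make_zip("second.txt", b"placeholder\n")

if __name__ == "__main__":
    print(find_archives(SAMPLE), last_archive_names(SAMPLE))
```

A mail or file gateway can run a check like this before handing the attachment to a single extraction library, and quarantine or separately unpack each archive when more than one is found.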