New Virus Attacks Via RAR Files
sscottsci writes "A new article at eWeek indicates that virus writers are using .RAR files to bypass filters and anti-virus systems to infect computers. Most anti-virus software cannot scan a .RAR file, and most firewalls do not block the extension yet."
Oh, the horrid memories (Score:5, Funny)
uh... (Score:5, Funny)
For those that don't know (Score:5, Funny)
Slashdot Headline! (Score:5, Funny)
eWeek ... (Score:5, Funny)
In other news (Score:2, Funny)
Fortunately, no one got it, as no one remembers anymore what the heck an
Rumors said the password is "G04TSE.CXR0X".. go now then, have some fun...
How about a .virus file type? (Score:5, Funny)
Is anyone with me?
Re:first post (Score:2, Funny)
Re:Oh, the horrid memories (Score:5, Funny)
Re:For those that don't know (Score:5, Funny)
Nah, it's 100% legal - you're simply a small part of someone's distributed offsite backup and archive model.
Re:No problem! (Score:3, Funny)
Cumulatively, it could be a big waste reduction.
Another strike against Linux (Score:3, Funny)
All my household systems come with software to decrypt rars, bzip2s, gzips, tars, etc.
All this extra functionality results in vulnerabilities, eh?
Oh. Wait. Even when I get the file open, the trojan won't execute. Guess I better fire up Wine, see if I can get it to work.
If only Win32 was better supported in Linux, then I wouldn't have these cross-platform issues.
Re:RAR is very popular in China (Score:2, Funny)
Re:Is this really a big deal? (Score:5, Funny)
A more clever approach is to have another program do the extracting for you - for example, to distribute it as a password-protected zip file and make the password known to the user. That way, you don't need the identifiable extractor.
Re:uh... (Score:3, Funny)
Re:Is this really a big deal? (Score:2, Funny)
Ohh, it's just about user stupidity as usual (Score:3, Funny)
It's not a problem with RAR in specific... If they block RAR files, I'm sure they could instead just be guided to a web page and told to install an ActiveX control instead.
If you could only patch the real serious security holes here -- the ones in the users' brains...
Whelp (Score:1, Funny)
Re:Oh, the horrid memories (Score:3, Funny)
Of course, remotely putting that into the autostart folders of pesky coworkers is nice too. Praise Billy Boy for \\[IP address]\C$\ and null sessions. Heh.
Re:Big deal (Score:2, Funny)
Re:Is this really a big deal? (Score:3, Funny)
You would be surprised how few email filters detect an attachment which is simply sent as Base64 or UUEncoded text, in the body. As it's not an attachment, it frequently gets ignored.
Why would we be surprised? People who write e-mail filters have to balance between security and convenience of the user.
I mean, imagine a super complex e-mail filter program that blocked every conceivable way of sending an attachment. If I sent a letter to my mom asking her how her stay was in the hospital, and got something back like:
"Your email was blocked because if you take the lower 4th bits of every word whose position is a prime number and reverse the endianness, you get an executable that runs on the 8-bit Gameboy platform, which could then be run by the recipient using an emulator. This executable has been blocked for your protection. Have a nice day."
I'd be pretty annoyed.
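A filter-side check for the case quoted in the comment above (a file pasted into the message body as Base64 or uuencoded text rather than attached), as an added example that is not part of the thread. The function names, the magic-byte table and the sample body are constructed for illustration.

```python
import base64
import binascii
import re

# Leading magic bytes of file types a mail filter typically cares about.
MAGIC = {b"Rar!\x1a\x07": "rar", b"PK\x03\x04": "zip", b"MZ": "pe-executable"}

UU_BEGIN = re.compile(r"^begin [0-7]{3,4} \S")        # uuencode header line
B64_LINE = re.compile(r"^[A-Za-z0-9+/]{40,}={0,2}$")  # long unbroken base64 line


def sniff(data):
    """Name the file type whose magic bytes start `data`, or None."""
    for magic, name in MAGIC.items():
        if data.startswith(magic):
            return name
    return None


def scan_body(text):
    """Return (encoding, file_type) for each encoded payload inlined in body text."""
    findings, lines, i = [], text.splitlines(), 0
    while i < len(lines):
        line = lines[i].strip()
        if UU_BEGIN.match(line) and i + 1 < len(lines):
            try:  # the first data line is enough to see the magic bytes
                head = binascii.a2b_uu(lines[i + 1])
            except binascii.Error:
                head = b""
            findings.append(("uuencode", sniff(head)))
            i += 2
        elif B64_LINE.match(line):
            try:  # decode only whole 4-character groups of the first line
                head = base64.b64decode(line[: len(line) // 4 * 4])
            except binascii.Error:
                head = b""
            if sniff(head):
                findings.append(("base64", sniff(head)))
            while i < len(lines) and B64_LINE.match(lines[i].strip()):
                i += 1  # skip the rest of this base64 run
        else:
            i += 1
    return findings


# Constructed sample: header bytes only, not real archives or programs.
_uu = binascii.b2a_uu(b"Rar!\x1a\x07\x00constructed-sample").decode("ascii")
_b64 = base64.b64encode(b"MZ" + bytes(58)).decode("ascii")
SAMPLE_BODY = ("Hi, see below.\nbegin 644 photos.rar\n" + _uu + "`\nend\n\n"
               "Also:\n" + _b64 + "\n")

if __name__ == "__main__":
    print(scan_body(SAMPLE_BODY))
```

Ordinary prose produces no findings, so a scan like this only fires on encoded blocks whose decoded header matches a known type, or on an explicit uuencode `begin` line.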
Re:Is this really a big deal? Use WordPad (Score:4, Funny)
"Why won't my Office work, and what is this silly 'wordpad' that started up?"