Reply to post: Re: There was almost a standard here

ZIPX files that aren't: Keep a weather eye out for disguised malware in email attachments

doublelayer Silver badge

Re: There was almost a standard here

From Wikipedia:

"WinZip, starting with version 12.1, uses the extension .zipx for ZIP files that use compression methods newer than DEFLATE; specifically, methods BZip, LZMA, PPMd, Jpeg and Wavpack. The last 2 are applied to appropriate file types when "Best method" compression is selected.[27][28]". It doesn't explain how clicking on that executed an autoextractor, but maybe I'm overthinking it and people actually did decompress it with a compatible archive program and manually launched the files within. It's a little weird how many people will go to rather extreme lengths to execute code that is so suspicious. Last year, El Reg posted an article describing a partially successful campaign requiring users to download a RAR file and then decrypt it just to open a PDF, which some people in engineering fields actually did.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021