[LINK] The ZIP email and the PDF email
Craig Sanders
cas at taz.net.au
Mon Jul 2 20:24:38 AEST 2007
On Mon, Jul 02, 2007 at 12:26:21PM +1000, Rick Welykochy wrote:
> I have been receiving two or three emails per day for months now
> that contain a ZIP file attachment. I presume that this email exploits
> known holes in older versions of WinZip and PKZIP (and perhaps GNU's unzip)
> that give full access to the victim's machine.
>
> Now I am seeing a similar number of emails with a PDF attachment.
> Google turns up some mild PDF threats dated 2001.
>
> Does anyone know if either of these emails are attacks, and if so
> what the attack vector actually is?

zip files, especially password protected ones, are likely to be viruses.
they're pw-protected so that anti-virus scanners can't open and scan
them. it's a social-engineering attack, relying on stupid users to
follow the instructions in the email.

PDFs could be a virus or trojan, or they could be spam. image-spammers
(mostly pump-and-dump stock-market scammers, and pill spammers) have
moved on from gif and jpg, and are now using PDF files.

craig
--
craig sanders <cas at taz.net.au>
The infliction of cruelty with a good conscience is a delight to moralists.
That is why they invented hell.
-- Bertrand Russell
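
A scanner cannot read the contents of a password-protected ZIP, but the archive's headers stay in the clear, so a mail filter can still flag such attachments. The following is an added example, not part of the original post; the function names and the sample message are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes
from email.message import EmailMessage

ENCRYPTED = 0x1  # general-purpose flag bit 0 in a ZIP header: entry is encrypted


def encrypted_zip_members(raw_message: bytes):
    """Return [(attachment_name, member_name)] for encrypted ZIP entries."""
    hits = []
    for part in message_from_bytes(raw_message).walk():
        if part.is_multipart():
            continue
        payload = part.get_payload(decode=True) or b""
        # Identify ZIPs by magic bytes, not by filename or MIME type.
        if not payload.startswith(b"PK\x03\x04"):
            continue
        try:
            with zipfile.ZipFile(io.BytesIO(payload)) as zf:
                for info in zf.infolist():
                    if info.flag_bits & ENCRYPTED:
                        hits.append((part.get_filename(), info.filename))
        except zipfile.BadZipFile:
            # A ZIP the filter cannot parse is also worth holding for review.
            hits.append((part.get_filename(), "<unparseable zip>"))
    return hits


def sample_message(encrypted: bool) -> bytes:
    """Constructed sample: a mail carrying a one-file ZIP attachment."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("invoice.txt", "constructed sample data")
    data = bytearray(buf.getvalue())
    if encrypted:
        # zipfile cannot write encrypted archives, so the flag bit is set by
        # hand here; the member data itself is not really encrypted.
        data[6] |= ENCRYPTED                              # local file header
        data[data.index(b"PK\x01\x02") + 8] |= ENCRYPTED  # central directory
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("see attachment")
    msg.add_attachment(bytes(data), maintype="application",
                       subtype="octet-stream", filename="doc.zip")
    return msg.as_bytes()
```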