funsec mailing list archives

Previous By Date Next
Previous By Thread Next

RE: RE: funsec Office 2007 has 0 security issues

From: "David Harley" <david.a.harley () gmail com>
Date: Tue, 10 Apr 2007 15:38:26 +0100
I'm actually not convinced that the encrypted zip file 
technique was ever very successful. There's no way to prove 
it was. All those worms sent out in this way were also sent 
out in unencrypted form.


Depends on your definition of success. If anyone ever sent out a mass mailer
with the intention of making life difficult for system managers, encrypted
zips helped them no end. :-/


I've asked the malware companies about this over the years 
and never got an answer, and I think it's because they don't 
know, and they can't know.


That's probably right. Almost by definition, computer users who fall into
the malicious attachment trap will be an unreliable source of info, and it
would be painful harvesting that info automagically. 

One thought occurs to me: we - or at any rate I - see comparatively little
zip encryption with current mailborne malware. If this matches what people
like Nick who are far more hands-on than I are seeing, it suggests that the
current crop of malware authors agree with you.

-- 
David Harley 
Security Author/Editor/Consultant, Antivirus Researcher
Small Blue-Green World
dharley () smallblue-greenworld co uk
New botnet book: http://www.syngress.com/catalog/?pid=4270
Security Bibliography:
http://www.smallblue-greenworld.co.uk/pages/bibliography.html
Articles: http://watersidesyndication.com/inbusiness/;
http://dharley.wordpress.com/
 






_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: