View Single Post
  #1   (View Single Post)  
Old 13th May 2011
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default Backwards Unicode names hides malware and viruses

From http://www.h-online.com/security/new...s-1242114.html

Quote:
AV vendor Norman has discovered malware that camouflages its file name via special Unicode characters. For instance, they may show up as exe.importantdocument.doc in the email client or in Windows Explorer. However, an executable (EXE) file that will still be treated as such by the system, and launched when double-clicked, is hidden behind this file name.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote