13th May 2011
J65nko
Backwards Unicode names hide malware and viruses


AV vendor Norman has discovered malware that camouflages its file name via special Unicode characters. For instance, they may show up as exe.importantdocument.doc in the email client or in Windows Explorer. However, an executable (EXE) file that will still be treated as such by the system, and launched when double-clicked, is hidden behind this file name.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
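A defender-side check for the trick described in the post above, added here as an example and not part of the original post or of Norman's tooling. The post does not name the "special Unicode characters"; this sketch assumes they are Unicode bidirectional formatting controls such as U+202E (right-to-left override), and the executable-extension list and sample file names are constructed for illustration.

```python
import unicodedata
from dataclasses import dataclass

# Unicode bidirectional formatting characters that can reorder displayed text
# (assumption: these are the "special Unicode characters" the post refers to).
BIDI_CONTROLS = {
    "\u061c", "\u200e", "\u200f",                      # ALM, LRM, RLM
    "\u202a", "\u202b", "\u202c", "\u202d", "\u202e",  # LRE, RLE, PDF, LRO, RLO
    "\u2066", "\u2067", "\u2068", "\u2069",            # LRI, RLI, FSI, PDI
}
# Assumed, non-exhaustive set of extensions launched on double-click.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js"}


@dataclass
class Finding:
    name_escaped: str       # file name with bidi controls made visible
    controls: list          # code point and Unicode name of each control found
    real_extension: str     # extension in stored order, which the OS acts on
    hides_executable: bool  # bidi control present AND real extension executable


def inspect_filename(name: str) -> Finding:
    controls = [f"U+{ord(c):04X} {unicodedata.name(c, 'UNKNOWN')}"
                for c in name if c in BIDI_CONTROLS]
    escaped = "".join(f"<U+{ord(c):04X}>" if c in BIDI_CONTROLS else c
                      for c in name)
    # Take the extension from the raw stored string: display order is
    # irrelevant to how the system decides what to launch.
    dot = name.rfind(".")
    ext = name[dot:].lower() if dot > 0 else ""
    return Finding(escaped, controls, ext,
                   bool(controls) and ext in EXECUTABLE_EXTS)


if __name__ == "__main__":
    # Constructed sample names; the first stores ".exe" as its real extension
    # while the text after U+202E is rendered reversed by the viewer.
    samples = ["importantdocument\u202ecod.exe", "report.doc", "notes\u200f.txt"]
    for s in samples:
        f = inspect_filename(s)
        verdict = "BLOCK" if f.hides_executable else ("REVIEW" if f.controls else "ok")
        print(f"{verdict:6} {f.name_escaped}  ext={f.real_extension}  {f.controls}")
```

A mail gateway or file-upload filter can apply the same test to attachment names and reject or rename anything flagged, rather than relying on how the name is rendered.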