Is encrypted data vulnerable to malware?

Discussion in 'other security issues & news' started by I_lack_commonsense, May 13, 2003.

Thread Status:
Not open for further replies.
  1. I_lack_commonsense

    I_lack_commonsense Registered Member

    Jan 22, 2003
    Not to sure where this topic would best fall under...

    In AVs doesnt the quarantine folder usually encrypt the malware? So I guess im wondering does it work both ways.

    Simply put can encrypted data be infected by virii or other types of malware.

    Thanks in advance :)
  2. meneer

    meneer Registered Member

    Nov 27, 2002
    The Netherlands
    The title is not quite te subject in this posting considering your 'simply put' question. Any file can contain malware, encrypted or not. So it is very important to use a scanner that acts right on decrypting a file to be able to intercept any malware before it becomes a threat.
    If a scanner quarantaines a file, it may be encrypted, but other measures can be taken as well, depending on the configuration of your scanner (deleting, renaming, moving). Mine is instructed to just delete malware (never happened so far ;) )

    As for the acts of malware on encrypted files (your question in the title literately) I don't see a big risk, apart from malware deleting a file or corrupting it. Perhaps trojans pose a risk, for instance the latest Fizzer.A worm leaves behind a trojan with a keystroke logger that tries to intercept passwords. And since you use a password to en/decrypt files, those might be at risk. But, as I said, clean encrypted files are not very vulnerable.
  3. Patrice

    Patrice Registered Member

    Apr 15, 2003
    Hi I_lack_commonsense,

    no I don't think so. The reason is the following: a virus or other malware better infects an executable file so that it can spread itself on the system. If it would infect other data, the virus wouldn't be able to infect the whole system. Only with the executables he got the right to write data on the system.

    Encrypted or quarantined data is safe. I never heard or read about an issue where encrypted data was infected. Inside the encrypted file, the infected files aren't able to write on the system, they are locked inside. That's why AV-scanners encrypt it.


Thread Status:
Not open for further replies.