Multiple vendor antivirus .kz archive format evasion/bypass

Discussion in 'other security issues & news' started by kareldjag, Feb 3, 2012.

Thread Status:
Not open for further replies.
  1. kareldjag (Registered Member; Joined: Nov 13, 2004; Posts: 622; Location: PARIS AND ITS SUBURBS)
  2. 3x0gR13N (Registered Member; Joined: May 1, 2008; Posts: 754)

    Heh, "vulnerability"... right. :rolleyes:

    It's simply a matter of not supporting archive formats, either via documented implementation or through emulation/heuristic unpacking, nothing more.
    A lot of AVs still don't support even the basic compression methods, like 7zip or zipx, so this is nothing new or something to be concerned about. The file will be detected upon extraction.
     
  3. Hungry Man (Registered Member; Joined: May 11, 2011; Posts: 9,148)

    It does bypass things such as download scanners. It gets the malware onto the system, which is step one.

    Not a big deal though.
     
  4. kareldjag (Registered Member; Joined: Nov 13, 2004; Posts: 622; Location: PARIS AND ITS SUBURBS)