The Ugly Truth about ZIP Files


Recently a colleague had a ZIP file sent to them under the auspices of an Airline Reservation.  When it the ZIP attachment was opened, an .EXE file popped open in a text box with a prompt to RUN.  Luckily we realized something was amiss and did some exploring – This is what we found:

It was a Trojan Horse that was written in August of this year – and it is a nasty little bugger.  It is a keystroke logger, meaning that the file would record any and everything you type, including user names and passwords to any software, email, or bank account that may be logged into from the machine that it has infected.

ZIP files are used by most of us to simply compress large files, be it data, pictures, videos or audio into a smaller file size in order to email or migrate it to another user, computer, hard drive or other device.

Unfortunately zip files are also used by some for malicious reasons as well.  ZIP files compress the binary code (1’s and 0’s) with an algorithm to save disk space and shrink the digital footprint of the original file.

The double edge of this sword is that Antivirus software cannot find fully protect you against threats that are hidden within this compressed coding.  This means that ZIP files are some of the most potentially threating attachments that will ever appear in your inbox.

Here are a few simple ways to protect your computer from these potential threats.  First and foremost:

  • Avoid downloading ZIPs from untrusted websites.
  • Never open a ZIP file from an unknown or untrusted email source.
  • Even when a trusted sender sends or forwards a ZIP, be extra careful.
  • If the file asks you to RUN an .EXE file – Do Not!  This is most likely a Virus or a Trojan.

Related posts:

Leave a Reply