IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Surge in password-protected malware

Experts warn of viruses travelling in password-protected zip files.

There has been a surge in viruses sent in the form of an apparently trustworthy password-protected zip file attachment, security experts are warning.

Messaging security specialist Email Systems says more virus writers than ever before are delivering their malicious code as either an encrypted or password-protected email, causing even the security-savvy to fall victim unwittingly.

The first viruses hidden in supposedly safe zip attachments were identified six months ago, said Greg Miller, marketing director at Email Systems. He said the situation has worsened considerably in recent weeks with a significant increase in the number of such mails being propagated.

"This is another step change in the tactics of the virus industry," said Millar. "We've seen a drop off in viruses delivered by email in the last year or so. Now there's obviously been another fluctuation in what virus writers are up to. They are getting even cleverer, and hiding the viruses a little bit deeper."

The new batch of virus laden emails typically contain the Trojan.Peacomm virus, also known as the Storm Trojan, which is around 77Kb in size and usually contained within either an encrypted email or a password-protected zip attachment to an email.

The emails sometimes contain a security warning, supposedly offering to protect the user from a threat. The phrase ATTN! is frequently prominent within the subject line of such emails, which also sometimes proclaim 'Worm Detected!', 'Virus Detected!', 'Spyware Alert!' or 'Warning!'

On receipt of such an email, users are prompted with a password and thereby are unwittingly able to release the virus on their machine. On release, the Storm Trojan virus is designed to retrieve additional malicious code from the internet.

"The huge rise in spam levels we saw before Christmas was about swamping people with sheer volume, hoping to catch them out that way," said Millar. "This is another change in an ever shifting range of methods."

During the last few weeks, he says, Email Systems has quarantined hundreds of thousands of such emails - a major increase from the tens of thousands witnessed last year.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
IT admin deletes company’s databases and is jailed for seven years
Policy & legislation

IT admin deletes company’s databases and is jailed for seven years

16 May 2022