Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Scanning Encrypted .Zip Files

FUDBust: First Netbox and then Sophos announced the cracking of encrypted .zip viruses, such as the Bagel worm. Until now, e-mail administrators have been forced to block all .zip files or issue a warning to users not to open encrypted .zip files, even ones from management. Of course, neither strategy is very effective.

The approach these two early birds have taken is to read the password included in the e-mail to decrypt the infected .zip file. This might not seem much better than using a virus dictionary. But as long as the password is passed in open text, the scanners should be able to parse for it, which eliminates the need for constant updates to stay ahead of virus-password morphing.

Post a comment or question on this story.