Amoxtli@thelemmy.club to Cybersecurity@sh.itjust.worksEnglish · 2 days agoLinux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detectionthehackernews.comexternal-linkmessage-square3linkfedilinkarrow-up137arrow-down10
arrow-up137arrow-down1external-linkLinux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detectionthehackernews.comAmoxtli@thelemmy.club to Cybersecurity@sh.itjust.worksEnglish · 2 days agomessage-square3linkfedilink
minus-squaregrue@lemmy.worldlinkfedilinkEnglisharrow-up5·1 day agoIs there anything special about the “inside a RAR archive” part? Would other archive formats work just as well, or could the maliciously-named file be attached to an email directly?
minus-squareSSUPII@sopuli.xyzlinkfedilinkEnglisharrow-up1·edit-21 day agoI don’t see why the archive is important at all here, other than file naming limitations. The weak point is from other automated scripts not sanitising the file list when such a file is present, not from the extraction of the archive. I really am seeing a nothing burger here.
Is there anything special about the “inside a RAR archive” part? Would other archive formats work just as well, or could the maliciously-named file be attached to an email directly?
I don’t see why the archive is important at all here, other than file naming limitations.
The weak point is from other automated scripts not sanitising the file list when such a file is present, not from the extraction of the archive.
I really am seeing a nothing burger here.
deleted by creator