On Mon, Mar 01, 2004 at 05:31:35PM +0700, Fajar A. Nugraha wrote: > Bill Taroli wrote: > > >Perhaps a silly question... if the .ZIP attachment is passworded, how > >are the target users supposed to be opening them and getting infected? > >Has the password been included in the email in which the .ZIP was > >attached? > > No, silly me. I forgot to mention that the password is included in email > body. > > Which means that the only way it can infect you is if you use Windows, > don't have any updated AV scanner, open the attachment, and > intentionally type in the password. > > However, judging from the fact that it IS spreading in my network now, > some people tend to do exactly that.
Kaspersky have added the text string to their signatures (the one that tries to entice you into unpacking the zip file). That seems to be all you can do right now. In the somewhat longer run perhaps the engine needs to be able to get a list of possible passwords so it can have a go at decrypting the zip file. -- Erik Corry I'd be a Libertarian, if they weren't all a [EMAIL PROTECTED] bunch of tax-dodging professional whiners. - B. Breathed. ------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
