Are you at risk?
Attackers get past security measures by hiding malware deep within compressed files. Unfortunately, most network security solutions are regularly fooled by this technique because they can’t analyse a file compressed with any format other than ZIP.
Besides ZIP, a number of legitimate compression formats are commonly used and easily opened by typical end users on most operating systems, such as:
- TAR.GZ - compression which dominates the world of Linux
- 7Z - a fast compression format growing in popularity
- CAB - a standard Windows installer package compression format.
This is a simple test to see if your network security will catch malware hiding in a compressed file.
- Two files are put into a folder; one file is EICAR (a standard anti-virus test file) and the second is a screenshot of a website taken in the last 5 minutes.
- Then the test compresses this folder into a file using different types and multiple levels of compression to obscure the contents.
- Finally, you use this tool to send these files to yourself so you can see how well your security identifies the EICAR code within different types of files.
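
The inspection this test exercises, as an added Python example (not part of the original page or its tool): a scanner that opens ZIP and TAR.GZ layers recursively and looks for the EICAR marker in every member. The function names, the depth and size limits, and the sample archive are assumptions constructed for illustration.

```python
import io
import tarfile
import zipfile

MARKER = b"EICAR-STANDARD-ANTIVIRUS-TEST-FILE"  # fixed substring of the EICAR test string
MAX_DEPTH = 5            # assumed nesting limit
MAX_MEMBER = 10 * 2**20  # assumed per-member size cap (decompression-bomb guard)

def members(data):
    """Yield (name, body) per file in a ZIP or (compressed) TAR; body is None if over the cap."""
    if zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for i in (i for i in zf.infolist() if not i.is_dir()):
                yield i.filename, (zf.read(i) if i.file_size <= MAX_MEMBER else None)
        return
    try:
        with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tf:
            for m in (m for m in tf if m.isfile()):
                yield m.name, (tf.extractfile(m).read() if m.size <= MAX_MEMBER else None)
    except (tarfile.TarError, OSError, EOFError):
        return  # not ZIP/TAR; 7Z and CAB need parsers outside the standard library

def scan(data, path="<upload>", depth=0):
    """Return (hits, unscanned): paths containing MARKER, and paths skipped (too deep or too big)."""
    hits = [path] if MARKER in data else []
    unscanned = []
    for name, body in members(data):
        child = f"{path}/{name}"
        if body is None or depth >= MAX_DEPTH:
            unscanned.append(child)
            continue
        sub_hits, sub_unscanned = scan(body, child, depth + 1)
        hits += sub_hits
        unscanned += sub_unscanned
    return hits, unscanned

def build_sample():
    """Constructed input: folder/{eicar.txt, screenshot.png} -> inner.tar.gz -> outer ZIP."""
    files = {"folder/eicar.txt": b"constructed stand-in: " + MARKER,
             "folder/screenshot.png": b"\x89PNG constructed placeholder"}
    tgz, out = io.BytesIO(), io.BytesIO()
    with tarfile.open(fileobj=tgz, mode="w:gz") as tf:
        for name, body in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(body)
            tf.addfile(info, io.BytesIO(body))
    with zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("inner.tar.gz", tgz.getvalue())
    return out.getvalue()
```

`scan(build_sample())` reports the marker two layers down. This sketch does not open 7Z or CAB layers and does not handle encrypted ZIP members (they raise `RuntimeError`); a gateway should report any layer it cannot open as unscanned rather than clean.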