Hackers are targeting Windows machines using the ZIP file concatenation technique to deliver malicious payloads in compressed archives without security solutions detecting them.

Hacker News is a community-driven platform for sharing and discussing technology news, startups, and programming-related topics. Through user submissions and comments, Hacker News offers insights into emerging technology trends, industry developments, and entrepreneurial ventures. Readers can participate in discussions, share their insights, and stay informed about the latest advancements in technology and innovation.

Hacker News

Hackers are exploiting ZIP file concatenation to deliver malicious payloads on Windows machines without detection. This technique leverages how different ZIP parsers handle concatenated files. Researchers from Perception Point discovered a phishing attack using this method, where the malicious payload was hidden in one of the concatenated ZIPs and disguised as a legitimate file. Security solutions supporting recursive unpacking and treating emails with ZIP attachments suspiciously are recommended as defensive measures.

Hackers now use ZIP file concatenation to evade detection

<p>There is a moment that peopole are doing this thing, especially with SFX archives disguised il a RAR file. Once the guy will open the file, the backdoor will execute himself very discreetely.</p>


<p>Either hacker is really slow or the reporter. I found it several years ago when i downloaded the windows key generator from internet and defender was deleting my file when tried to open it. then i ziped it and it was fine.</p>
