> I'm actually not convinced that the encrypted zip file > technique was ever very successful. There's no way to prove > it was. All those worms sent out in this way were also sent > out in unencrypted form.
Depends on your definition of success. If anyone ever sent out a mass mailer with the intention of making life difficult for system managers, encrypted zips helped them no end. :-/ > I've asked the malware companies about this over the years > and never got an answer, and I think it's because they don't > know, and they can't know. That's probably right. Almost by definition, computer users who fall into the malicious attachment trap will be an unreliable source of info, and it would be painful harvesting that info automagically. One thought occurs to me: we - or at any rate I - see comparatively little zip encryption with current mailborne malware. If this matches what people like Nick who are far more hands-on than I are seeing, it suggests that the current crop of malware authors agree with you. -- David Harley Security Author/Editor/Consultant, Antivirus Researcher Small Blue-Green World [EMAIL PROTECTED] New botnet book: http://www.syngress.com/catalog/?pid=4270 Security Bibliography: http://www.smallblue-greenworld.co.uk/pages/bibliography.html Articles: http://watersidesyndication.com/inbusiness/; http://dharley.wordpress.com/ > _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
