Invisible extensions
Wednesday, September 6, 2017
To spread malware over removable media, criminals often abuse the autorun feature, use hidden files and resort to social engineering tricks. For example, they take advantage of the fact that in Windows, file extensions, which indicate what type of file is involved, are hidden by default.
Should we beware of the file kitty.jpg? Of course we should, because in reality it can be kitty.jpg.exe—and, as you know, that changes a lot.
Another malicious program paid a visit to one of our offices.
A machine infected with some malware created a file named New Folder.exe on a thumb drive.
And because filename extensions are usually hidden in Windows Explorer, users only see "New Folder" and the standard folder icon.
Actually, it’s not a folder but a file. You can check this easily: just view the properties of this "New Folder".
We can see that this is an application, i.e., an executable file in the guise of a folder.
The idea is simple: the user sees a new folder on the flash drive, clicks on it to view its contents, and through those finger movements actually installs the malware on their own computer.
When Dr.Web scans files, it doesn't factor in their name extensions. Rather, it analyses file contents. It opens files and analyses their structure to determine what kind of files they are.
This also decreases file scanning time because once the file type is determined, only the necessary routines need to be applied.
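The same idea in miniature, as an added example (not Dr.Web's code or detection logic): a Python script that ignores file names, identifies Windows executables by their header bytes, and reports what Explorer would display with extensions hidden. The extension lists, function names and sample files are assumptions made for the illustration.

```python
import os
import struct
import tempfile

EXEC_EXTS = {".exe", ".scr", ".com", ".pif"}           # illustrative, not exhaustive
DECOY_EXTS = {".jpg", ".png", ".pdf", ".doc", ".txt"}  # illustrative decoys

def is_pe(path):
    # Content check: the DOS header starts with "MZ" and the 32-bit offset
    # stored at 0x3C (e_lfanew) points at the 4-byte "PE", NUL, NUL signature.
    with open(path, "rb") as f:
        head = f.read(64)
        if len(head) < 64 or head[:2] != b"MZ":
            return False
        (e_lfanew,) = struct.unpack_from("<I", head, 0x3C)
        f.seek(e_lfanew)
        return f.read(4) == b"PE\0\0"

def scan(root):
    """Return (name, name_with_extension_hidden, reason) for every PE file under root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            try:
                if not is_pe(os.path.join(dirpath, name)):
                    continue
            except OSError:
                continue  # unreadable file: skip it, do not abort the scan
            stem, ext = os.path.splitext(name)
            if ext.lower() not in EXEC_EXTS:
                reason = "executable content under a non-executable extension"
            elif os.path.splitext(stem)[1].lower() in DECOY_EXTS:
                reason = "double extension"
            else:
                reason = "executable, extension hidden by default"
            findings.append((name, stem, reason))
    return findings

def demo():
    # Constructed sample files: header bytes only, not working programs.
    pe_stub = b"MZ" + b"\0" * 58 + struct.pack("<I", 64) + b"PE\0\0"
    samples = {"kitty.jpg.exe": pe_stub, "New Folder.exe": pe_stub,
               "kitty.jpg": b"\xff\xd8\xff\xe0" + b"\0" * 64, "notes.txt": b"hello"}
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as f:
                f.write(data)
        return scan(root)

if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

Pointing `scan()` at the root of a mounted thumb drive lists every executable on it next to the name a user would see, which makes entries such as "New Folder" stand out.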
To prevent Windows from hiding filename extensions, open Folder options. Unfortunately, the location of these settings is different under different versions of Windows. In Windows 7 you need to open the Control Panel, select Folder Options and move to the View pane. Under Windows 10, open File Explorer, go to View, select Options and choose Change folder and search options.
To see extensions, clear the Hide extensions for known file types checkbox.
#Windows #malware #social_engineering #removable_media #terminology
The Anti-virus Times recommends
Configure your system so that you can see hidden files and extensions.