Viruses Can't Hide From Kaspersky

04 Mar 2004
Virus News

Kaspersky Lab, a leading information security software company, presents a brand new technology protecting against Internet worms spreading in password protected ZIP compressed files.

Malicious programs that spread in protected ZIP files are particularly difficult to detect. Firstly, a password scanning module is necessary to scan these archives. Secondly, scanning ZIP files requires additional system resources and can significantly impair system performance.

Fearso, an Internet worm that appeared in the summer of 2003, was the first malicious program to spread in protected ZIP files. However, despite the fact that 24 versions of Fearso exist, this particular worm has never been detected in the wild. The recent outbreak of Bagel worms, specifically version F through J, amply demonstrated the real danger of this propagation method.

Kaspersky Lab has responded with a completely new technology to deflect malicious programs spreading in password protected ZIP files: a technique which guarantees reliability and speed. Kaspersky® Anti-Virus can now detect protected ZIP archives, scan the email body for the password and then unpack and check the attachment for viruses.

"This new technology protects users from new generation worms, specifically worms that hide in password protected ZIP files. 5 worms using this technique appeared within only 4 days - a new trend has been set in the computer underground", commented Eugene Kaspersky, head of anti-virus research at Kaspersky Lab.

Currently, Kaspersky® Anti-Virus is the only antivirus offering effective protection against malicious programs spreading via password protected ZIP files. Registered users of Kaspersky Anti-Virus will be fully protected once they download the latest antivirus database updates.