This crafty email scam smuggles malware behind .zipx files

News
By published

Cybercriminals have found a sneaky new way to bypass security filters

compression
(Image credit: Shutterstock / rupadaratan)

Researchers have identified a new email scam that applies a number of crafty techniques to bypass security filters and infect victims with malware.

As described in a blog post from security firm Trustwave, cybercriminals are abusing file compression techniques to smuggle NanoCore malware into inboxes.

By concealing the malicious executable within a .zipx file, the scam operators improve their chances of circumventing security protections. The .zipx file is also dressed up as a PDF, complete with an Adobe Acrobat icon, in a bid to trick the victim into opening the attachment without thinking twice.

Once the .zipx file is unpacked by the recipient, using archive utilities WinRAR or 7zip (interestingly, WinZip fails to extract the executable), the remote access trojan (RAT) infects the device and relays any stolen data to command and control servers.

.zipx email scam

Although the scammers have gone to extreme lengths to conceal the malicious email attachment, the rest of the scam lacks the same level of sophistication.

The sender poses as a purchasing manager in urgent need of services, presumably in an attempt to prey on businesses struggling to survive under the strain of the pandemic. However, the email itself has all the hallmarks of malspam.

There are multiple errors of spelling and grammar, the sentence structure is awkward and the message is addressed to “Sir/Madam” as opposed to a specific recipient. As with many phishing and malspam campaigns, the opportunity offered up by the sender is also too good to be true.

In other words, the email gives the recipient every opportunity to identify the message as a fake.

As ever, to protect against email-based attacks of this kind, users are advised never to download unsolicited attachments from unknown sources, to scrutinize emails for errors that might betray a scam and to protect their machines with a leading antivirus solution.

TOPICS
Joel Khalili
Joel Khalili
News and Features Editor

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He's responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.

Read more
email
A Windows filetype update may have complicated cyber threat detection efforts
An iPhone sitting on a wooden table
Millions at risk as malicious PDF files designed to steal your data are flooding SMS inboxes - how to stay safe
Pirate skull cyber attack digital technology flag cyber on on computer CPU in background. Darknet and cybercrime banner cyberattack and espionage concept illustration.
Criminals are using a virtual hard disk image file to host and distribute dangerous malware
email
Hidden text "salting" is letting hackers craft devious email attacks to evade detection
Shopping scams
New wave of sextortion scams uses personal details and images to intimidate targets while bypassing traditional security measures
Close up of a business person using a smartphone.
Watch out, malicious PDF files are being used again in phishing attacks
Latest in Security
IBM office logo
IBM to provide platform for flagship cyber skills programme for girls
Hacker silhouette working on a laptop with North Korean flag on the background
North Korea unveils new military unit targeting AI attacks
An image of network security icons for a network encircling a digital blue earth.
US government warns agencies to make sure their backups are safe from NAKIVO security issue
Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS)
This top WordPress plugin could be hiding a worrying security flaw, so be on your guard
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Veeam urges users to patch security issues which could allow backup hacks
UK Prime Minister Sir Kier Starmer
The UK releases timeline for migration to post-quantum cryptography
Latest in News
Samsung HW-Q990D soundbar with Halloween theme over the top
Samsung promises to repair soundbars bricked by its disastrous software update for free – but it'll probably involve shipping
Google Gemini AI
Gmail is adding a new Gemini AI tool to help smarten up your work emails
DJI Mavic 3 Pro
More DJI Mavic 4 Pro leaks seemingly reveal launch date, price and key features of the triple camera drone – here's what to expect
Android 16 logo on a phone
Here's how Android 16 will upgrade the screen unlocking process on your Pixel
Man sitting on sofa, drinking coffee, looking at phone in surprise
Thousands of coffee lovers warned to stop using their espresso machines immediately after reports of burns and lacerations
Visual Intelligence identifying a dog
AirPods with cameras for Visual Intelligence could be one of the best personal safety features Apple has ever planned – here's why
More about security
IBM office logo

IBM to provide platform for flagship cyber skills programme for girls
Hacker silhouette working on a laptop with North Korean flag on the background

North Korea unveils new military unit targeting AI attacks

Andrew Koji as Zeek pointing a gun at someone off camera.

Andrew Koji reveals Gangs of London season 3's new mysterious assassin is like 'the human Terminator' in the Sky Original series
See more latest
Most Popular
DJI Mavic 3 Pro
More DJI Mavic 4 Pro leaks seemingly reveal launch date, price and key features of the triple camera drone – here's what to expect
De'Longhi Linea Classic espresso machine on kitchen counter with hot and cold coffee drinks
I'm a qualified barista, and De'Longhi's latest espresso machine could be this year's best budget buy for coffee lovers
Man sitting on sofa, drinking coffee, looking at phone in surprise
Thousands of coffee lovers warned to stop using their espresso machines immediately after reports of burns and lacerations
Samsung HW-Q990D soundbar with Halloween theme over the top
Samsung promises to repair soundbars bricked by its disastrous software update for free – but it'll probably involve shipping
A Minecraft sheep.
Minecraft developer rejects generative AI, 'it's important that it makes us feel happy to create as humans'
Nvidia AMD
Nvidia rumors suggest it's working on two affordable GPUs to spoil AMD's party
Google Gemini AI
Gmail is adding a new Gemini AI tool to help smarten up your work emails
Visual Intelligence identifying a dog
AirPods with cameras for Visual Intelligence could be one of the best personal safety features Apple has ever planned – here's why
Android 16 logo on a phone
Here's how Android 16 will upgrade the screen unlocking process on your Pixel
Apple iPhone 16 Review
New iPhone 17 report lends weight to rumors of major display and camera upgrades, and a pricey Apple foldable