Microsoft cloud services scan users’ zip files even if they are password protected. It has been reported ArsTechnica With a link to Mastodon user posts.
“Microsoft is trying to bypass password protection on zip files and, if successful, scans for malicious code,” said security researcher Andrew Brandt.
He said Microsoft 365 recently marked the password-protected zip file as “infected” for a colleague. It is stated that compressing the contents of files into archives is a tactic of cybercriminals to hide viruses and distribute them via e-mail.
“Such an interesting way of solving a problem with your business would be a big deal for people like me who need to send malware samples to their colleagues,” the expert added.
His fellow researcher, Kevin Beaumont, joined the discussion. According to him, Microsoft’s first way is to extract possible passwords from the body of the email or the name of the file, and the second is to check the file to see if it’s protected by one of the passwords in the list. .
ArsTechnica felt that Microsoft’s application almost certainly saved large numbers of users from attacks by cybercriminals trying to infect computers.
An earlier survey found that almost a quarter (23%) of Russians used as password names, names of relatives and friends, and nicknames of pets.