Is it possible for a compressed file to contain malicious code?



  • I recently downloaded 2 compressed files (.zip and .rar) from a really unreliable and untrusted source while using a browser-integrated VPN. My antivirus didn't notice anything, but I am curious if it is possible for a compressed file to contain malicious code that could potentially reveal my real IP address by communicating with a server (or something, I am not a programmer :P). I know IPs are not something you really need to hide (since every site you visit has it in its logs) but I would like to know if it is possible from a technical point of view.

    Thanks!



  • A compressed archive could of course contain arbitrary files inside, including malware. But in this case unpacking and explicitly executing would be needed.

    But bugs in the archive program (i.e. WinRAR in your case) could cause code execution simply by trying to open an archive, if the archive was specifically prepared to exploit the security issue. Such bugs actually happen, see "Nasty code-execution bug in WinRAR threatened millions of users for 14 years".

    And code execution can then do anything, including contacting a remote server to reveal your IP address. Or it could also encrypt all your files on the system and demand a ransom - which is likely worse than just exposing your IP address.
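
One way to look inside a downloaded .zip without unpacking it to disk or running anything, as an added example that is not part of the original posts: it reads the member list in memory with Python's standard `zipfile` module and flags members that are runnable by extension or by their leading bytes. The sample archive, its file names and the extension list are constructed for illustration, and .rar is not covered because the standard library has no reader for it.

```python
import io
import zipfile

# Leading bytes that mark content the OS or an interpreter can run.
MAGIC = {
    b"MZ": "Windows executable (PE)",
    b"\x7fELF": "Linux executable (ELF)",
    b"#!": "script with interpreter line",
}
# Extensions Windows runs on double-click (illustrative subset, not exhaustive).
RISKY_EXT = (".exe", ".scr", ".bat", ".cmd", ".js", ".vbs", ".lnk", ".ps1")


def triage_zip(data: bytes) -> dict:
    """Map member name -> reasons to be careful; members are read in memory only."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            reasons = []
            if info.filename.lower().endswith(RISKY_EXT):
                reasons.append("runnable extension")
            if info.flag_bits & 0x1:  # encrypted: a scanner cannot see inside either
                reasons.append("encrypted, content not inspected")
            else:
                with zf.open(info) as member:
                    head = member.read(4)  # only the first bytes are decompressed
                for magic, label in MAGIC.items():
                    if head.startswith(magic):
                        reasons.append(label)
            if reasons:
                findings[info.filename] = reasons
    return findings


def build_sample() -> bytes:
    """Constructed archive: a text file, and fake PE headers under two names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", "hello")
        zf.writestr("setup.exe", b"MZ\x90\x00 constructed bytes, not a program")
        zf.writestr("photo.jpg", b"MZ\x90\x00 constructed bytes, not a program")
    return buf.getvalue()


if __name__ == "__main__":
    for name, why in triage_zip(build_sample()).items():
        print(name, "->", ", ".join(why))
```

A clean result only means none of these simple markers matched; it says nothing about archives crafted to exploit a bug in the archive program itself.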


