{
    "success": true,
    "data": {
        "id": 1617745,
        "msgid": "beware-of-new-hacker-trick-concealing-malware-in-corrupted-zip-files-1773665761",
        "date": "2026-03-16 19:04:00",
        "title": "Beware of New Hacker Trick: Concealing Malware in Corrupted ZIP Files",
        "author": "Yudha Pratomo",
        "source": "KOMPAS",
        "tags": "",
        "topic": "Technology",
        "summary": "Cybersecurity researchers have identified a new attack technique called \"Zombie ZIP\" that allows hackers to hide malware within ZIP files in a way that evades detection by popular antivirus software including Microsoft Defender, Bitdefender, and Kaspersky. The technique manipulates the ZIP file header to make the archive appear corrupted or containing random data, whilst concealing malicious code that can be extracted using a specialised program. Users are advised to exercise caution when downloading and opening ZIP files from the internet.",
        "content": "<p>Computer users need to be more cautious when opening ZIP files\ndownloaded from the internet. Recently, cybersecurity researchers\ndiscovered a new hacker attack technique called \u201cZombie ZIP\u201d.<\/p>\n<p>What is Zombie ZIP? This is a technique that allows malicious\nsoftware (malware) to hide within a ZIP file without being detected by\nmany antivirus programmes.<\/p>\n<p>A ZIP file is an archive format used to compress one or more files or\nfolders into a single, smaller package, making storage and data transfer\neasier. The file name typically ends with the .zip extension, and the format is natively\nsupported by Windows, macOS, and other systems.<\/p>\n<p>Unlike conventional malware distribution methods, Zombie ZIP makes\nthe archive file appear corrupted or contain random data, so many\nantivirus programmes do not recognise it as a threat. As a result,\nmalware can infiltrate a victim\u2019s system undetected.<\/p>\n<p>Several popular security products, including Microsoft Defender,\nBitdefender, and Kaspersky, reportedly did not immediately flag\nsuch files as malicious software.<\/p>\n<p>To understand how this technique works, we need to examine how ZIP\nfiles are structured.<\/p>\n<p>Within each ZIP file there is an initial section called the header.\nThis section contains important information about the archive contents,\nsuch as the compression method used and how software should extract the\nfiles within it.<\/p>\n<p>In the Zombie ZIP technique, this header section is deliberately\nmanipulated. The file is created as if it uses a specific compression\nmethod, when in fact the data within it is compressed using a different\nmethod.<\/p>\n<p>When antivirus software scans the file, it reads only the information\nin the header. Because the data appears to be a collection of random\nbytes, the antivirus treats the file as ordinary, harmless data.<\/p>\n<p>However, behind the archive lies a programme or malware payload that\nremains hidden.<\/p>\n<p>Zombie ZIP files typically cannot be opened with common archive\napplications such as 7-Zip or WinRAR because they are treated as\ncorrupted archives.<\/p>\n<p>However, hackers are reported to be able to include a small\nspecialised programme that can read the actual data structure and\nextract the malware from the archive.<\/p>",
        "url": "https:\/\/jawawa.id\/newsitem\/beware-of-new-hacker-trick-concealing-malware-in-corrupted-zip-files-1773665761",
        "image": ""
    },
    "sponsor": "Okusi Associates",
    "sponsor_url": "https:\/\/okusiassociates.com"
}