A new way of using compressed files to bypass security systems has become widespread: merging several compressed files into a single file.
The hacker creates two compressed files, one containing a harmless file and the other containing a malicious file, then merges them into one file by appending the second file to the end of the first.

This method takes advantage of differences in how decompression programs read compressed files: some programs, such as antivirus software and 7-Zip, read only the first file, while a program like WinRAR reads the second file.
This lets the hacker bypass the security system: the protection system, or a software analyst using 7-Zip, does not see the malicious file, while the end user, using WinRAR, extracts and runs it.
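A scanner can close this gap by enumerating every archive in the file instead of trusting one parser's view. The following is an added example, not code from the original page: it assumes the ZIP format (the page does not name one), non-ZIP64 archives appended byte-for-byte, and the function names and sample data are constructed for illustration.

```python
import io
import struct
import zipfile

EOCD_SIG = b"PK\x05\x06"  # End of Central Directory (EOCD) signature
EOCD_LEN = 22             # fixed-size part of the EOCD, before the comment


def make_zip(name, data):
    """Build a small one-member ZIP in memory (constructed sample input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(name, data)
    return buf.getvalue()


def find_archives(blob):
    """Return (start, end) byte ranges of each complete ZIP found in blob."""
    ranges, start, pos = [], 0, 0
    while (pos := blob.find(EOCD_SIG, pos)) != -1 and pos + EOCD_LEN <= len(blob):
        *_, cd_size, cd_offset, comment_len = struct.unpack_from(
            "<4sHHHHIIH", blob, pos)
        end = pos + EOCD_LEN + comment_len
        # Plausibility check: the central directory must end exactly where
        # this EOCD begins, measured from the start of the current archive.
        # This rejects signature bytes that merely occur inside file data.
        if end <= len(blob) and start + cd_offset + cd_size == pos:
            ranges.append((start, end))
            start = pos = end   # the next archive, if any, begins here
        else:
            pos += 4
    return ranges


def list_all_members(blob):
    """Member names of every embedded archive, each parsed on its own."""
    return [zipfile.ZipFile(io.BytesIO(blob[s:e])).namelist()
            for s, e in find_archives(blob)]


def is_concatenated(blob):
    """True when more than one complete archive is present: flag for review."""
    return len(find_archives(blob)) > 1


if __name__ == "__main__":
    sample = make_zip("readme.txt", b"harmless") + make_zip("payload.txt", b"second")
    # Python's zipfile locates the EOCD from the end, so it shows one archive.
    print("single-parser view:", zipfile.ZipFile(io.BytesIO(sample)).namelist())
    print("all archives:      ", list_all_members(sample))
    print("concatenated:      ", is_concatenated(sample))
```

Each detected range should be scanned as a separate archive; trailing bytes after the last range that do not form a complete archive are not reported by this check.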