View Full Version : Gmail and malware attachments

April 16th, 2015, 22:40
The other day I sent a friend a totally harmless test exe I wrote via Gmail, 7-Zipped, no password. I used 7-Zip partly because I knew Gmail scanned .zip files, but not .7z files (so I thought). Apparently they now scan .7z files as well and my attachment was disallowed because it "contained an executable file". Nothing flagged as malicious, just that it had an .exe extension. Whatever. I password protected the file and sent it off again and didn't think much more of it.

I just happened across the following post and found it interesting in light of what had just occurred to me. I'm just passing it on for reference.

Is Google Scanning Malware Email Attachments Between Researchers

It also turns out (or did at the time), that Google was attempting to unzip password-protected archives, in particular it would succeed with .zip files when the password was "infected", i.e. what is probably the most common password used when malware is casually shared between those who analyze them.

This raised a bit of a fuss, but a comment reportedly by a Google representative confirmed that a third-party AV engine used by Gmail was designed to automatically open ZIP files with a password of 'infected', and that they were looking into disabling that feature. Not sure if they have or not, but it's something to keep in mind.

April 17th, 2015, 09:48
You can't be surprised, right?

Skynet's very existence is predicated on collecting as much information as possible from each and every user - privacy be damned.