Malware hiding behind backwards Unicode names

This article introduces backwards Unicode file names that hide malware and viruses. This principle can be used on every OS, such as Windows, Linux and Mac. I have chosen this topic because I think it can be very dangerous for everyone, even a good IT specialist. I think that this topic is relevant to IT security, because your system can be infected by malware that is hard to recognize.

Norman, an anti-virus vendor, has discovered malware that camouflages its file name via special Unicode characters. For example, a file may show up as exe.importantdoc.pdf. However, an executable (EXE) file, which will be launched when double-clicked, is hidden behind this file name.

The offending Unicode characters are 0x202E – right-to-left override and 0x202B – right-to-left embedding. They coexist with their siblings 0x202D – left-to-right override and 0x202A – left-to-right embedding. These are general Unicode punctuation codes.



Users will therefore no longer be able to trust the file names that are being displayed.
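A defensive check for the trick described above, as an added example that is not part of the original post: it flags file names containing the four code points the article lists and, going beyond the article, the related bidi controls (U+202C, U+2066 to U+2069, U+200E, U+200F, U+061C). The function names and the sample file name are constructed for illustration.

```python
import os
import sys
import unicodedata

# Bidirectional formatting controls. The first four are the code points named
# in the article; the remainder are related controls added for this example.
BIDI_CONTROLS = frozenset(
    "\u202a\u202b\u202d\u202e"   # LRE, RLE, LRO, RLO (from the article)
    "\u202c"                     # PDF (pop directional formatting)
    "\u2066\u2067\u2068\u2069"   # LRI, RLI, FSI, PDI (isolates)
    "\u200e\u200f\u061c"         # LRM, RLM, ALM (directional marks)
)

def escape(text):
    """ASCII-only rendering that a terminal or GUI cannot reorder."""
    return text.encode("unicode_escape").decode("ascii")

def inspect_name(name):
    """Return a finding for a file name with bidi controls, else None."""
    hits = [(i, ch) for i, ch in enumerate(name) if ch in BIDI_CONTROLS]
    if not hits:
        return None
    return {
        "escaped": escape(name),
        "controls": [(i, "U+%04X" % ord(ch), unicodedata.name(ch, "UNKNOWN"))
                     for i, ch in hits],
        # Extension in logical (stored) order, not in displayed order
        "real_extension": os.path.splitext(name)[1].lower(),
    }

def scan_tree(root):
    """Walk a directory tree; return (path, finding) for suspicious names."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            finding = inspect_name(name)
            if finding:
                findings.append((os.path.join(dirpath, name), finding))
    return findings

# Constructed sample: stored as RLO + "fdp.codtnatropmi.exe", which a
# bidi-aware file manager displays as "exe.importantdoc.pdf".
SAMPLE = "\u202efdp.codtnatropmi.exe"

if __name__ == "__main__":
    for path, f in scan_tree(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(escape(path), f["real_extension"], f["controls"])
```

Run it with a directory argument to list every entry whose name carries a bidi control, printed in escaped form so the listing itself cannot be visually reordered.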

