Microsoft cloud services, including OneDrive and SharePoint, have started to scan password-protected ZIP archives that users upload or share using these services.
Internet users have a number of options for hosting files online or sharing them. Archive formats, such as ZIP or RAR, are popular for hosting or sharing multiple files that belong together.
Cyber criminals have long used archive formats to distribute malware. Since most antivirus solutions scan unprotected archives for malware, criminals have started to password-protect the archives instead. While that means getting potential victims to type the password to unlock the archive, it blocks many antivirus engines from checking the archive’s contents.
Security researcher Andrew Brandt revealed on Monday that Microsoft started to scan password-protected ZIP archives on SharePoint. He noticed that Microsoft started to flag some of his uploaded malware samples, contained in password-protected ZIP archives, as malware.