
malicious .iso file


Have a question about a downloaded "bad" file: I was redirected to a page from a link and, because I used Chrome, it automatically downloaded a .iso file and saved it on the C drive in the downloads folder.

I am confident that the file is malicious and I immediately removed it and also removed it from the bin, on Windows. Is it possible for the .iso file to do something bad without me clicking on it or mounting it? Or am I safe because I deleted it quickly?

Thanks for the help! - and if it is bad, any suggestions on fixes? I simply just reinstall Windows.


ISO files are not malicious. Just like a Petri Dish is not dangerous. They are both containers that can have dangerous substances. A Petri Dish may contain Anthrax or a fungal mycotoxin or it can contain a benign substance. An ISO file is a type of Archive File, akin to its more common siblings ZIP and RAR, that may or may not contain malware. As a container they allow better safety in handling and distribution.

In the last few months we have been seeing malware sent in email in ACE and ISO Archive containers. Presumably because many anti-malware applications do not extract files from this format for scanning for malicious content. As long as any malware stays in a ZIP, RAR, 7zip, ACE or ISO file, it can be handled safely. In the case of a malicious email message that is using these file types, you are safe as long as you do not open the archive file and execute its contents.

Since ACE and ISO files are NOT common, any email that has them can be immediately presumed to be malicious and the email summarily deleted.

Any time email comes with an Archive file from any of your friends, family or coworkers and you were not expecting it, do NOT open it. Ask the sender if they sent it and if they admit they sent it, you can proceed to that email attachment. If the person who supposedly sent the file denies sending it, summarily delete the email and let them know that either their email is being impersonated or it was compromised.

 

Edited by David H. Lipman
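
An added example, not part of the original thread: a minimal sketch of reading an ISO 9660 image as plain bytes to list what the container holds, without mounting it or executing anything. The function names, the extension list and the constructed sample image are assumptions for illustration; only plain ISO 9660 names are parsed (no Joliet, Rock Ridge or UDF), and the primary volume descriptor is assumed to be the first descriptor, at sector 16.

```python
import struct
SECTOR = 2048
RISKY = (".exe", ".scr", ".lnk", ".js", ".vbs", ".bat")  # illustrative list (assumption)

def _records(image, lba, size):  # yields (name, is_dir, lba, size) per directory record
    pos, end = lba * SECTOR, min(lba * SECTOR + size, len(image))
    while pos < end:
        length = image[pos]
        if length == 0:  # records never span sectors: skip padding to the next one
            pos = (pos // SECTOR + 1) * SECTOR
            continue
        rec = image[pos:pos + length]
        if length < 34 or len(rec) < length:
            raise ValueError("malformed directory record")
        ext_lba, ext_size = struct.unpack_from("<I4xI", rec, 2)  # little-endian copies
        name = rec[33:33 + rec[32]].decode("ascii", "replace").split(";")[0]
        if name not in ("\x00", "\x01"):  # skip the "." and ".." entries
            yield name, bool(rec[25] & 2), ext_lba, ext_size
        pos += length

def list_iso(image):  # (path, size, risky) per file, read from bytes: nothing mounted or run
    pvd = image[16 * SECTOR:17 * SECTOR]
    if len(pvd) < SECTOR or pvd[:6] != b"\x01CD001":
        raise ValueError("no ISO 9660 primary volume descriptor at sector 16")
    root = struct.unpack_from("<I4xI", pvd, 158)  # root directory record is at offset 156
    found, seen, todo = [], {root[0]}, [("",) + root]
    while todo:
        prefix, lba, size = todo.pop()
        for name, is_dir, e_lba, e_size in _records(image, lba, size):
            if not is_dir:
                found.append((prefix + name, e_size, name.lower().endswith(RISKY)))
            elif e_lba not in seen:  # crafted images can contain directory loops
                seen.add(e_lba)
                todo.append((prefix + name + "/", e_lba, e_size))
    return sorted(found)

def _rec(name, lba, size, flags=0):  # one directory record for the constructed sample
    both = lambda n: n.to_bytes(4, "little") + n.to_bytes(4, "big")
    r = b"\0" + both(lba) + both(size) + bytes(7) + bytes([flags]) + bytes(6) + bytes([len(name)]) + name
    r += b"\0" * ((len(r) + 1) % 2)  # total record length must be even
    return bytes([len(r) + 1]) + r

def build_sample():  # constructed image, no real payload: INVOICE.EXE and DOCS/README.TXT
    root = (_rec(b"\0", 18, SECTOR, 2) + _rec(b"\1", 18, SECTOR, 2)
            + _rec(b"INVOICE.EXE;1", 20, 10) + _rec(b"DOCS", 19, SECTOR, 2))
    docs = _rec(b"\0", 19, SECTOR, 2) + _rec(b"\1", 18, SECTOR, 2) + _rec(b"README.TXT;1", 20, 5)
    pvd = b"\x01CD001\x01" + bytes(149) + root[:34]
    sectors = [b""] * 16 + [pvd, b"", root, docs, b""]
    return b"".join(s.ljust(SECTOR, b"\0") for s in sectors)
```

Calling `list_iso(build_sample())` returns the two files in the constructed image, with the executable one flagged.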


Thanks for the response!

If there was a problem, would you say that a Windows re-install would fix everything, as in malicious programs and viruses? - a final fix-all, shotgun solution? Like the last silver bullet?


That's a draconian position. Like swatting a fly with a sledge-hammer. The trouble of going through a Wipe and Reinstall should be justifiable.

One must make a Cost Benefit Analysis to see if the cost of removal is higher than the cost of wiping the PC, reinstalling the OS from scratch, patching the OS to make it current, restoring data and installing all applications.

However, if you had a "current" image generated by using Ghost or CloneZilla then that may be a viable approach.
