.. /.Xz

Phishing
File Archiver

Contributors:

Adithya - @ravooriadithya

Description:

An XZ file is an archive compressed using XZ compression, a high-ratio compression algorithm based on the LZMA algorithm. It contains one or more files compressed by the xz command-line tool included with XZ Utils. Much like a .ZIP file, an XZ file contains files that have been compressed so they can be stored and shared with others more easily. Users often use XZ files to share compressed files over the Internet, via email, and on USB drives. As with other archive types, .xz files can act as carriers of malicious files.

OS:

Windows
Linux

Recommendation:

After validating business usage, monitor and block the download and execution of .xz archive files on email and web gateways and on endpoints. Whitelist as required.
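
One way to back this control with content inspection instead of the file extension alone, so a renamed .xz attachment is still caught. This is an added example, not part of the original entry; the function names, the inner-signature table and the quarantine policy are assumptions for illustration, and the sample bytes are constructed.

```python
import lzma
import struct
import zlib

XZ_MAGIC = b"\xfd7zXZ\x00"  # 6-byte magic that opens every XZ stream
# Leading bytes of payload types worth surfacing to the analyst (assumed list).
INNER_SIGNATURES = {b"MZ": "windows-pe", b"\x7fELF": "elf", b"PK\x03\x04": "zip"}

def is_xz(data: bytes) -> bool:
    """True if data opens with a valid XZ stream header (magic + flags + CRC32)."""
    if len(data) < 12 or data[:6] != XZ_MAGIC:
        return False
    flags = data[6:8]
    (stored_crc,) = struct.unpack("<I", data[8:12])
    return zlib.crc32(flags) == stored_crc  # CRC32 covers the two flag bytes

def inner_type(data: bytes, peek: int = 512) -> str:
    """Decompress at most `peek` bytes (bounded output) and classify the payload."""
    try:
        dec = lzma.LZMADecompressor(format=lzma.FORMAT_XZ)
        head = dec.decompress(data, max_length=peek)
    except lzma.LZMAError:
        return "undecodable"
    for sig, name in INNER_SIGNATURES.items():
        if head.startswith(sig):
            return name
    if head[257:262] == b"ustar":  # tar magic sits at offset 257
        return "tar"
    return "unknown"

def triage(filename: str, data: bytes) -> dict:
    """Gateway verdict: block by content or by name, report any mismatch."""
    xz = is_xz(data)
    named_xz = filename.lower().endswith(".xz")
    return {
        "is_xz": xz,
        "extension_mismatch": xz != named_xz,
        "inner": inner_type(data) if xz else None,
        # Assumed policy: block by default, allow-listing handled elsewhere.
        "action": "quarantine" if (xz or named_xz) else "pass",
    }

# Constructed sample: 66 bytes that merely begin with "MZ", XZ-compressed.
SAMPLE_PE = lzma.compress(b"MZ" + b"\x00" * 64, format=lzma.FORMAT_XZ)
```
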

Resources:

https://twitter.com/malware_traffic/status/965738625404153856?lang=en

File Samples:

https://www.virustotal.com/gui/file/0c7dffe3685b1b50182b3692243caa9f91443b0560dfe5165316632f70d878e2/details