According to a warning by a security investigator, one fresh malicious program is spreading across the Web which reverses the order of reading of a filename and thereby hides the 'exe' within it so that such a file looks from RLO, meaning "right to left override," Infosecurity published on August 19, 2011.
The investigator named Lordian Mosuela attached with Israel-based Commtouch a security company explains that RLO represents one unicode control letter (U+202E), which makes a user read the characters from right-to-left instead of the usual left-to-right. Naturally, the mechanism is useful for languages which are based on right-to-left reading like Hebrew and Arabic. However, cyber-criminals are now abusing it in a manner that end-users will double-click seemingly harmless files, Mosuela warns. Infosecurity published this.
Moreover according to Mosuela, the Commtouch security team reported the technique during 2010, however, over the 3rd-week of August 2011, it has reappeared widely for deceiving end-users into clicking and viewing malware executables. Commtouch's blog posted Mosuela's observations on August 18, 2011.
...
