“Weaponized ZIP archives were distributed on trading forums.” “By exploiting a vulnerability within this program, threat actors were able to craft ZIP archives that serve as carriers for various malware families,” Group-IB Malware Analyst Andrey Polovinkin wrote. WinRAR developers fixed the vulnerability, tracked as CVE-2023-38831, earlier this month. The total amount of financial losses and total number of victims infected is unknown, although Group-IB said it has tracked at least 130 individuals known to have been compromised. The attackers have been using the vulnerability to remotely execute code that installs malware from families, including DarkMe, GuLoader, and Remcos RAT. From there, the criminals withdraw money from broker accounts. The vulnerability, residing in the way WinRAR processes the ZIP file format, has been under active exploit since April in securities trading forums, researchers from security firm Group-IB reported Wednesday. All downloads are, as usual, available on the official website. A newly discovered zero-day in the widely used WinRAR file-compression program has been exploited for four months by unknown attackers who are using it to install malware when targets open booby-trapped JPGs and other innocuous inside file archives. WinRAR 6.20 users may install the new version to upgrade the compression software. The new release fixes a memory leak when "reading contents of .tar.bz2 archives", a crash when unpacking files from specially crafted ZIP archives, and a bug that caused archive modification commands to fail for certain ZIP archives with file comments. WinRAR 6.20 includes several bug fixes in addition to improvements. If the password is not correct, the dialog will be displayed again.