FunkyBuddha Posted August 26, 2023 Share #1 Posted August 26, 2023 Update Now: Hackers Used WinRAR Flaw Since April to Spread Malware By exploiting the zero-day vulnerability to spread malware, hackers were able to withdraw funds from victims' brokerage accounts, according to security firm Group-IB. If you use WinRAR, it’s time to patch. Since April, hackers have been exploiting a previously unknown vulnerability in the software to spread malware to unsuspecting victims. The findings come from cybersecurity firm Group-IB, which spotted hackers abusing the flaw to infect at least 130 devices with malware. Group-IB today warned about the dangers, days after a second vulnerability, dubbed CVE-2023-40477, was disclosed in WinRAR, which can also be abused to launch malware. The vulnerability uncovered by Group-IB has been designated CVE-2023-38831. By abusing the flaw, a hacker can “spoof” a file extension in an archive file, making it easy to hide malicious programs under benign file formats, such as .jpg or .txt. More info here: Quote https://www.pcmag.com/news/update-now-hackers-used-winrar-flaw-since-april-to-spread-malware 1 1 Link to comment
Andr-Tech uk666 Posted August 27, 2023 Andr-Tech Share #2 Posted August 27, 2023 The zero-day was fixed in WinRAR version 6.23, released on August 2, 2023, which also resolves several other security issues, including CVE-2023-40477, a flaw that can trigger command execution upon opening a specially crafted RAR file. WinRAR version 6.23. Download: https://forum-andr.net/forums/topic/233029-winrar-623-x86x64-final-portable/#comment-399111 1 1 Link to comment
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now