The threat actors are exploiting a zero-day vulnerability in WinRAR to install malware. Tracked as CVE-2023-38831, the vulnerability may allow threat actors to hide malicious code in ZIP archives posing as “.jpg,” “.txt,” and other file formats. In addition, the vulnerability may also allow the threat actors to distribute this code in online cryptocurrency trading forums.

The vulnerability has been under exploitation since April 2023, even before it was discovered and reported to Rarlab by Group-IB security researchers. Group-IB found the vulnerability while researching the DarkMe malware. The flaw was a previously unknown vulnerability in WinRAR’s processing of the ZIP file format. Rarlab, the developers and distributors of WinRAR, released a beta patch on July 20 and an updated version of WinRAR (version 6.23) on August 2.

CISA has added the vulnerability to its Known Exploited Vulnerabilities Catalog, acknowledging its active exploitation. The Group-IB report says 130 devices on forums that people use to trade cryptocurrency remain infected. CISA has urged users to patch the vulnerability before September 14, 2023.

WinRAR is among the world’s most popular compression tools and has over 500 million users worldwide. The tool offers improved ways to compress files for efficient and secure file transfer. The tool also provides fast email transmission and well-organized data storage options. Group-IB research shows that the vulnerability originates from a processing error in opening the file in the ZIP archive.