Cybercriminals are exploiting a zero-day vulnerability in WinRAR, the venerable shareware archiving tool for Windows, to target traders and steal funds.

Cybersecurity company Group-IB discovered the vulnerability, which affects the processing of the ZIP file format by WinRAR, in June. The zero-day flaw - meaning the vendor had no time, or zero days, to fix it before it was exploited - allows hackers to hide malicious scripts in archive files masquerading as .txt files, for example, to compromise target machines.

Group-IB says hackers have been exploiting this vulnerability since April to spread malicious ZIP archives on specialist trading forums.

Group-IB tells TechCrunch that malicious ZIP archives were posted on at least eight public forums, which “cover a wide range of trading, investment, and cryptocurrency-related subjects.” Group-IB declined to name the targeted forums.

In the case of one of the targeted forums, administrators became aware that malicious files were shared and subsequently issued a warning to their users. The forum also took steps to block the accounts used by the attackers, but Group-IB saw evidence that the hackers were “able to unlock accounts that were disabled by forum administrators to continue spreading malicious files, whether by posting in threads or private messages.”

Once a targeted forum user opens the malware-laced file, the hackers gain access to their victims’ brokerage accounts, enabling them to perform illicit financial transactions and withdraw funds, according to Group-IB.

The cybersecurity firm tells TechCrunch that the devices of at least 130 traders are infected at the time of writing but notes that it has “no insight on financial losses at this stage.” One victim told Group-IB researchers that the hackers attempted to withdraw their money, but were unsuccessful.

It’s not known who is behind the exploitation of the WinRAR zero-day.