The vulnerability affects the way WinRAR handles ZIP files and has been actively exploited since April. Attackers exploit a remote malware installation vulnerability when victims open seemingly harmless files, such as JPG images in ZIP archives. These malware, including families such as DarkMe, GuLoader, and Remcos RAT, allow attackers to gain unauthorized access to victim systems.
It was reported that compromised systems were used to withdraw funds from brokerage accounts, but the exact financial losses and the number of victims are unknown.
The vulnerability in WinRAR was fortunately fixed in version 6.23.
Source: Ferra
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
