State-Backed Cyber Actors from Russia and China Are Exploiting WinRAR Vulnerability
UK body overturns Clearview AI penalty, Finnish mental health clinic hacker faces seven years in prison, Pro-Ukraine hacktivists shut down Trigona leak site, New 23andMe profiles leaked, much more
Google security researchers say they have found evidence that government-backed hackers linked to Russia and China are exploiting a since-patched vulnerability in WinRAR, the popular shareware archiving tool for Windows.
The WinRAR vulnerability, tracked as CVE-2023-38831, allows attackers to hide malicious scripts in archive files masquerading as seemingly innocuous images or text documents.
Rarlab, which makes the archiving tool, released an updated version of WinRAR (version 6.23) on August 2 to patch the vulnerability.
Despite this, Google’s Threat Analysis Group (TAG) said this week that its researchers have observed multiple government-backed hacking groups exploiting the security flaw, noting that “many users” who have not updated the app remain vulnerable.
TAG says it has …