We all know the saying, “If it ain’t broke, don’t fix it.” Well, some state-backed digital pranksters from Russia and China did us one better: “If it ain’t secure, let’s exploit it!” It seems they found a sneaky way in through a flaw in the WinRAR archiver tool. Not exactly the type of ‘unzipping’ we had in mind when using the software!
The cyber intruders are exploiting a flaw tracked as CVE-2023-38831. Normally, flaws with numbers give us as much joy as reading the phone directory. But when one comes with a CVSS score of 7.8, it’s like finding a snake in your sock drawer. This tricky flaw allows these bad boys to execute any code they fancy when an unsuspecting user attempts to view a ‘harmless’ file inside a ZIP archive.
Imagine opening a beautifully wrapped present only to find a whoopee cushion. That’s the scenario when this vulnerability is actively exploited. Every attempt to view a benign file is like stepping on a digital banana peel. This is one prank that’s going viral for all the wrong reasons.
To sum it up, the WinRAR archiver tool has fallen victim to some pretty sophisticated tomfoolery from threat actors originating in Russia and China. They are exploiting a vulnerability that allows them to execute arbitrary code when innocent users view what they believe to be harmless files inside ZIP archives. This serves as a friendly, albeit haunting, reminder to always stay vigilant with our cyber hygiene, because the internet can sometimes be a very unruly neighborhood!
Original Article: https://thehackernews.com/2023/10/google-tag-detects-state-backed-threat.html