Russian and Chinese state-sponsored threat actors have been discovered abusing a known vulnerability in the popular archiving tool WinRAR to extract sensitive information such as passwords and other login credentials.

Google’s Threat Analysis Group (TAG), which usually tracks and analyzes state-sponsored hacking players, claims to have found evidence that the flaw, identified earlier as CVE-2023-38831 by Group-IB, was being used to hide malware in archived files. 



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *