winrar – Weekly Geek

High-severity WinRAR 0-day exploited for weeks by 2 groups

BI.ZONE said the Paper Werewolf delivered the exploits in July and August through archives attached to emails impersonating employees of the All-Russian Research Institute. The ultimate goal was to install malware that gave Paper Werewolf access to infected systems. While the discoveries by ESET and BI.ZONE were independent of each other, it’s unknown if the… Read More »

WinRAR 0-day that uses poisoned JPG and TXT files under exploit since April

Getty Images reader comments 43 with A newly discovered zero-day in the widely used WinRAR file-compression program has been exploited for four months by unknown attackers who are using it to install malware when targets open booby-trapped JPGs and other innocuous inside file archives. The vulnerability, residing in the way WinRAR processes the ZIP file… Read More »