"Fake WinRAR PoC Spread VenomRAT Malware"
Unknown threat actors have published a fake proof-of-concept (PoC) exploit for CVE-2023-4047, a recently patched Remote Code Execution (RCE) flaw in WinRAR, in order to spread the VenomRAT malware. On August 17, 2023, Trend Micro's Zero Day Initiative disclosed the RCE vulnerability that allowed threat actors to execute arbitrary code on affected installations of WinRAR. Four days after the public disclosure of the vulnerability, the attacker seized the opportunity to publish a fake PoC on GitHub. The fake PoC is based on publicly available PoC code for a GeoServer SQL injection flaw. This article continues to discuss the fake WinRAR PoC spreading VenomRAT malware.
Help Net Security reports "Fake WinRAR PoC Spread VenomRAT Malware"
Submitted by Gregory Rigby
on