"State Actors Targeting WinRAR Flaw in Multiple Campaigns"

Several Advanced Persistent Threat (APT) groups, including two Russian groups, are conducting campaigns that exploit a known vulnerability in the popular WinRAR archive utility to deliver malware. The vulnerability, tracked as CVE-2023-38831, affects multiple versions of WinRAR and can result in arbitrary code execution. The WinRAR team released a patch in August, but threat actors had been exploiting the flaw since at least April, at a time when researchers were unaware of it. Although the update has been available for over two months, APT groups are still exploiting the flaw successfully, which suggests that some organizations have yet to apply the fix. This article continues to discuss APT groups exploiting a known vulnerability in the WinRAR archive utility.

Decipher reports "State Actors Targeting WinRAR Flaw in Multiple Campaigns"

Submitted by grigby1