"Russian Researchers Say Espionage Operation Using WinRAR Bug Is Linked to Ukraine"
Security researchers have discovered a new cyber espionage group linked to Ukraine that has been active since at least January. They named the group "PhantomCore" and named the attackers' remote access malware "PhantomRAT." The hackers used a known vulnerability in the Windows file archiver tool WinRAR to launch attacks on unnamed Russian companies. Tracked as CVE-2023-38831, the bug was previously exploited by state-controlled hackers linked to Russia and China in early 2023 before being patched. This article continues to discuss findings regarding PhantomCore.
Submitted by grigby1
Submitted by Gregory Rigby
on