File compression software WinRAR has closed a zero-day vulnerability that allowed malware to infiltrate crypto and stock trading.
Cryptocurrencies and stocks have become areas where investors often operate. Although these areas attract investors, they also include malicious actors through the back door. In particular, cases of hacking and fraud cannot be prevented.
WinRAR, which has been in service for years, has prevented hackers from infiltrating investors’ accounts through malware. WinRAR has closed a vulnerability known as zero-day.
WinRAR improves its security
WinRAR, a globally serving file compression platform, prevented a security vulnerability called zero-day. Earlier, security firm Group-IB stated that there was a vulnerability in WinRAR. The vulnerability, known as CVE-2023-38831, has been active for about four months.
Hackers who took advantage of this vulnerability spread their malware on investors. In this way, hackers targeted crypto and stock investors.
Using the zero-day vulnerability, the hackers were able to create files in image format and decompress them. The compressed files were later distributed on crypto and investment forums.
Reporting on the subject, Group-IB said, “Malware, once extracted and distributed, allows bad actors to withdraw funds from broker accounts. This vulnerability has been exploited since April 2023.” said.
Just two days after this report, WinRAR closed the vulnerability and stated that its users were not at risk.
60442
