State-sponsored hackers exploit WinRAR flaw

State-backed hackers from Russia and China have exploited a patched vulnerability in WinRAR, the widely used archiving utility for Windows, raising concerns among cybersecurity specialists. The vulnerability, tracked as CVE-2023-38831, enables attackers to conceal malicious scripts in archive files disguised as innocuous images or text files. Cybersecurity company Group-IB revealed that at least 130 traders had their devices compromised through this exploit. Moreover, these attacks have led to substantial financial losses and data breaches for the affected organizations. Experts warn businesses and individuals to remain vigilant and update their software regularly to mitigate the risks posed by state-sponsored cyberattacks.

Rarlab, the company behind WinRAR, released an updated version (6.23) on August 2 to fix this vulnerability. However, Google’s Threat Analysis Group (TAG) discovered that multiple state-backed hacking groups continued to exploit the flaw, targeting users who had not yet updated their software. This finding highlights the importance of regularly updating software to protect against potential cyber threats. As a result, users are strongly urged to update WinRAR to version 6.23 or later to secure their systems from these targeted attacks.

Links to Russian and Chinese hacking organizations

TAG’s investigation connected the exploitation to hacking groups linked to Russia and China, including the infamous Russian military intelligence unit Sandworm, which participated in the 2017 NotPetya ransomware attack. These groups are known for their highly sophisticated cyber operations, posing a significant threat to global security. Governments and private cybersecurity firms have been working diligently to counter their malicious activities and protect sensitive data from being compromised.

Additionally, the Russian-backed hacking group APT28, also known as Fancy Bear, was seen exploiting the WinRAR vulnerability. The group targeted users in Ukraine through a separate email campaign, posing as the Razumkov Centre, a public policy research institute in the country. This malicious campaign spread emails containing a compromised version of the institute’s report on the presidential election, allowing the hackers to infiltrate users’ systems. As a result, unsuspecting victims inadvertently exposed their sensitive information and networks to cybercriminals, providing ample opportunities for data breaches and system disruptions.


Deanna Ritchie
Former Editor
