Financially-motivated attackers have exploited a zero-day vulnerability in WinRAR (CVE-2023-38831) to trick traders into installing malware that would allow them to steal money from broker accounts. “This vulnerability has been exploited since April 2023,” says Group-IB malware analyst Andrey Polovinkin. Devices of at least 130 traders (and likely more) have been infected with malware in this campaign. CVE-2023-38831 exploited CVE-2023-38831 is a file extension spoofing vulnerability, which allowed attackers to create a modified RAR or … More

The post Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831) appeared first on Help Net Security.