WinRAR Spoofing Vulnerability used by Hackers to Hide Malware in Compressed files. | TechWorm
As you can see from the image above, what looks from the outside like a simple text or image file in a zipped archive can actually be a malicious Trojan. When the victim unzips the file, it can infect the user's computer.
InterCrawler says that, as of now, this vulnerability is being widely used by cyber criminals to target government agencies, international organisations, aerospace corporations, military subcontractors, and Fortune Global 500 companies. It is also used in social media spam campaigns.
The vulnerability works on all WinRAR versions, including v.5.1. Using this method, the bad actors bypass some specific security measures, including e-mail servers' antivirus systems. Example: “FAX.ZIP”.
The cyber criminals use a wide range of campaigns to spread their malicious payloads and malware, including through compromised websites and social media networks. InterCrawler cites an example where one of the exploiters sent malware using the above method through an email which pretended to originate from European Council Legal Affairs.
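A defensive check for archives of this kind, as an added example that is not from the original article: it assumes the spoof depends on the file name in a ZIP entry's central directory record differing from the name in its local file header, a detail the article does not spell out. The function names and the sample archive are constructed for illustration.

```python
import io
import struct
import zipfile

LOCAL_SIG = b"PK\x03\x04"  # signature that starts every ZIP local file header


def local_header_name(data: bytes, offset: int) -> bytes:
    """Return the raw file name stored in the local file header at offset."""
    if data[offset:offset + 4] != LOCAL_SIG:
        raise ValueError(f"no local file header at offset {offset}")
    # The name length is a little-endian u16 at +26; the name starts at +30.
    (name_len,) = struct.unpack_from("<H", data, offset + 26)
    return data[offset + 30:offset + 30 + name_len]


def find_name_mismatches(data: bytes) -> list:
    """Return (central_directory_name, local_header_name) pairs that differ.

    Assumption (labelled above): an archive whose two name fields disagree
    can show one name in a listing and produce another file on extraction.
    """
    mismatches = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            raw = local_header_name(data, info.header_offset)
            # Bit 11 of the general-purpose flags marks UTF-8 names.
            encoding = "utf-8" if info.flag_bits & 0x800 else "cp437"
            local = raw.decode(encoding, errors="replace")
            if local != info.orig_filename:
                mismatches.append((info.orig_filename, local))
    return mismatches


if __name__ == "__main__":
    # Constructed sample: a well-formed archive, so nothing is reported.
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("FAX.txt", b"constructed sample")
    for shown, stored in find_name_mismatches(buf.getvalue()):
        print(f"suspicious entry: listed as {shown!r}, stored as {stored!r}")
    print("scan complete")
```

A mail gateway or triage script can run `find_name_mismatches` on each ZIP attachment and quarantine any archive for which the returned list is not empty.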