Updated:06:47 PM EDT May 19


Critical WinRAR flaw exploited - [security]
03:51 AM EDT - Mar,28 2019

In one campaign, according to a report published by researchers from security firm FireEye, attackers are spreading files that purport to contain stolen data. One file, titled leaks copy.rar, contains email addresses and passwords that were supposedly compromised in a breach. Attackers claim another file, cc.rar, contains stolen credit card data. Other files have names including zabugor.rar, ZabugorV.rar, Combolist.rar, Nulled2019.rar, and IT.rar.

Hidden inside the files are payloads from a variety of different malware families. They include a keylogger known as QuasarRat and malware containing Chinese language text known as Buzy.

The FireEye report identified three other campaigns, including:

  • One that impersonates an educational accreditation body that seems to use a PDF letter copied from the website of the Council on Social Work Education as a decoy. When extracted, the RAR file plants a Visual Basic script in the computer's startup folder. The script causes the computer to install a remote-access trojan called Netwire.
  • An attack targeting the Israeli military industry that uses decoy files related to SysAid, a helpdesk service based in Israel. A malicious payload, dubbed SappyCache, will decrypt a file stored in a temporary folder to obtain the address of a command and control channel. SappyCache will then attempt to download and install a second-stage malware file from the server. The server never responded during the FireEye analysis.
  • An attack potentially targeting a single person in Ukraine that uses a purported PDF message from the country's former President Viktor Yanukovych. The exploit drops a batch file into the startup folder that, when executed, installs a payload dubbed Empire.

FireEye isn't the only firm that's seeing such exploits. A separate report from security firm Symantec said that an espionage hacking outfit known both as Elfin and APT33 has been spotted exploiting the WinRAR vulnerability against a target in the chemical industry of Saudi Arabia.

Attackers sent a spear-phishing email to at least two employees in the targeted company. The email included a file dubbed JobDetails.rar. If extracted on a computer using a vulnerable version of WinRAR, the attack could install any file of the attackers' choice. Prior to the attack, Symantec updated its software to block exploits. The protection prevented the attack from working against the targeted company.
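
A defender-side check for the startup-folder drops described in the FireEye campaigns above, as an added example that is not from the original article or from FireEye: it flags file-creation events in which a script or executable lands in a Windows Startup folder, and marks those written by an archive utility. The field names Image and TargetFilename follow Sysmon's file-creation event; the pipe-delimited log format, the sample events, and the archiver and extension lists are constructed assumptions.

```python
import ntpath

# Per-user and all-users Startup folders, lower-cased for matching.
STARTUP_MARKERS = (
    "\\appdata\\roaming\\microsoft\\windows\\start menu\\programs\\startup\\",
    "\\programdata\\microsoft\\windows\\start menu\\programs\\startup\\",
)
# Assumption: archive utilities to watch; extend for your environment.
ARCHIVERS = {"winrar.exe", "unrar.exe", "rar.exe"}
# File types that run at logon when placed in a Startup folder.
AUTORUN_EXTS = {".vbs", ".vbe", ".js", ".jse", ".wsf",
                ".bat", ".cmd", ".exe", ".lnk", ".hta"}

# Constructed sample events (not real telemetry), one per line.
SAMPLE_EVENTS = r"""
Image=C:\Program Files\WinRAR\WinRAR.exe|TargetFilename=C:\Users\alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.vbs
Image=C:\Program Files\WinRAR\WinRAR.exe|TargetFilename=C:\Users\alice\Documents\letter.pdf
Image=C:\Program Files\WinRAR\WinRAR.exe|TargetFilename=C:\Users\alice\Downloads\x\..\..\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\run.bat
Image=C:\Temp\setup.exe|TargetFilename=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\helper.lnk
Image=C:\Windows\explorer.exe|TargetFilename=C:\Users\alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\notes.txt
""".strip().splitlines()

def parse_event(line):
    """Split a 'key=value|key=value' line into a dict."""
    return dict(field.split("=", 1) for field in line.split("|"))

def classify(event):
    """Return a verdict string for a suspicious Startup write, else None."""
    image = ntpath.basename(event.get("Image", "")).lower()
    # normpath collapses '..' segments so a traversal-style path still matches.
    target = ntpath.normpath(event.get("TargetFilename", "")).lower()
    in_startup = any(marker in target for marker in STARTUP_MARKERS)
    if not (in_startup and ntpath.splitext(target)[1] in AUTORUN_EXTS):
        return None
    return "archiver-startup-drop" if image in ARCHIVERS else "startup-drop"

def scan(lines):
    """Return (verdict, original target path) for every flagged event."""
    hits = []
    for line in lines:
        event = parse_event(line)
        verdict = classify(event)
        if verdict:
            hits.append((verdict, event["TargetFilename"]))
    return hits

if __name__ == "__main__":
    for verdict, path in scan(SAMPLE_EVENTS):
        print(f"{verdict}: {path}")
```

An archiver writing directly into a Startup folder is rare in normal use, so the `archiver-startup-drop` verdict is the higher-priority alert; `startup-drop` will also match legitimate installers and needs allow-listing.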

