Latest WinRAR Flaw Being Exploited in the Wild to Hack Windows Computers

February 26, 2019

Credit: The Hacker News

It’s not just the critical Drupal vulnerability that cybercriminals are exploiting in the wild to attack websites that have not yet applied the patches made available by its developers; hackers are also exploiting a critical WinRAR vulnerability that was revealed last week.

A few days ago, The Hacker News reported on a 19-year-old remote code execution vulnerability disclosed by Check Point in the UNACEV2.dll library of WinRAR that could allow a maliciously-crafted ACE archive file to execute arbitrary code on a targeted system.

WinRAR is a popular Windows file compression application with 500 million users worldwide, but a critical “Absolute Path Traversal” bug (CVE-2018-20250) in its old third-party library, called UNACEV2.DLL, could allow attackers to extract a compressed executable file from the ACE archive to one of the Windows Startup folders, where the file would automatically run on the next reboot.
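
The bug class described above, shown as an added example (not code from the article, Check Point, or WinRAR): a simplified model of an extractor that joins the destination folder with an archive member name, next to a guard that rejects absolute or escaping names. The destination, the member names, and the function names are constructed for illustration; the Startup path is the standard all-users Startup folder on Windows.

```python
import ntpath  # Windows path semantics, so this runs on any OS

def naive_target(dest_dir, member):
    # Unsafe model: join() silently discards dest_dir when member is absolute.
    return ntpath.normpath(ntpath.join(dest_dir, member))

def safe_target(dest_dir, member):
    """Return the extraction path, or raise ValueError if it leaves dest_dir."""
    drive, _ = ntpath.splitdrive(member)
    if drive or ntpath.isabs(member):
        raise ValueError(f"absolute member path rejected: {member!r}")
    root = ntpath.normcase(ntpath.normpath(dest_dir))
    target = ntpath.normpath(ntpath.join(dest_dir, member))
    # Catches ..\ sequences and rooted names that resolve outside dest_dir.
    if not ntpath.normcase(target).startswith(root + "\\"):
        raise ValueError(f"member escapes destination: {member!r}")
    return target

def audit(dest_dir, members):
    """Map each member name to 'ok' or the reason it was rejected."""
    verdicts = {}
    for m in members:
        try:
            safe_target(dest_dir, m)
            verdicts[m] = "ok"
        except ValueError as exc:
            verdicts[m] = str(exc)
    return verdicts

# Constructed sample data (not taken from any real archive).
DEST = r"C:\Users\alice\Downloads\invoice"
STARTUP = r"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp"
MEMBERS = [r"docs\report.pdf", STARTUP + r"\sample.exe", r"..\..\sample.exe"]

if __name__ == "__main__":
    print("naive:", naive_target(DEST, MEMBERS[1]))
    for name, verdict in audit(DEST, MEMBERS).items():
        print(f"{verdict} <- {name}")
```
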

To successfully exploit the vulnerability and take full control over the targeted computers, all an attacker needs to do is convince users to open a maliciously-crafted compressed archive file using WinRAR.

Just a day after Check Point’s blog post and a proof-of-concept video (that showcased how an ACE archive can extract a malicious file into the Windows Startup folder) went public, proof-of-concept (PoC) exploit code for the newly discovered WinRAR vulnerability was published to GitHub.

What’s worse?

Security researchers at the 360 Threat Intelligence Center (360TIC) just yesterday detected an in-the-wild malspam email campaign that’s distributing a malicious RAR archive file that exploits the latest WinRAR vulnerability to install malware on computers running the vulnerable version of the software.

“Possibly the first malware delivered through the mail to exploit WinRAR vulnerability. The backdoor is generated by MSF [Microsoft Solutions Framework] and written to the global startup folder by WinRAR if UAC is turned off,” the researchers tweeted.

As shown in the screenshot shared by the researchers, when the archive is opened using WinRAR running with administrator privileges, or on a targeted system with UAC (User Account Control) disabled, the malware drops a malicious exe file (CMSTray.exe) to the Windows Startup folder, designed to infect the targeted computer with a backdoor.

Since UAC puts some limitations on permissions, attempting to extract the archive with UAC enabled fails to place the malicious exe file in the C:\ProgramData folder, thus failing to infect the computer.

The best way to protect yourself from these attacks is to update your software by installing the latest version of WinRAR as soon as possible and avoid opening files received from unknown sources.

Since the WinRAR team lost access to the source code for the vulnerable UNACEV2.DLL library in 2005, instead of fixing the issue, it released WinRAR version 5.70 beta 1, which doesn’t support the DLL or the ACE format. This fix addresses the bug, but at the same time also removes all ACE support from WinRAR.
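
For hosts that cannot be updated immediately, a mail or file gateway can flag ACE content by its header signature rather than by file name, since vulnerable WinRAR versions choose the unpacker from a file's content and an ACE archive can therefore arrive with a .rar name. The following is an added example, not code from the article or the researchers; the function names, verdict strings, and sample attachments are constructed.

```python
import os

ACE_MAGIC = b"**ACE**"   # signature field in the ACE main header
ACE_OFFSET = 7           # follows CRC (2), size (2), type (1), flags (2)
RAR_MAGIC = b"Rar!\x1a\x07"

def sniff_format(data):
    """Identify the archive format from leading bytes, ignoring the name."""
    if data[ACE_OFFSET:ACE_OFFSET + len(ACE_MAGIC)] == ACE_MAGIC:
        return "ace"
    if data.startswith(RAR_MAGIC):
        return "rar"
    return "other"

def triage(filename, data):
    """Return a verdict for one attachment."""
    ext = os.path.splitext(filename)[1].lower()
    if sniff_format(data) != "ace":
        return "pass"
    if ext != ".ace":
        return f"block: ACE content under {ext or 'no'} extension"
    return "block: ACE archive"

def scan_attachments(attachments):
    """attachments: iterable of (filename, bytes). Return the flagged ones."""
    flagged = []
    for name, data in attachments:
        verdict = triage(name, data)
        if verdict != "pass":
            flagged.append((name, verdict))
    return flagged

# Constructed stubs: only the leading bytes matter, these are not real archives.
ACE_STUB = bytes(7) + ACE_MAGIC + bytes(16)
RAR_STUB = RAR_MAGIC + b"\x00" + bytes(16)
SAMPLES = [("invoice.rar", ACE_STUB), ("photos.rar", RAR_STUB),
           ("backup.ace", ACE_STUB), ("empty.rar", b"")]

if __name__ == "__main__":
    for name, verdict in scan_attachments(SAMPLES):
        print(name, "->", verdict)
```

This checks only the fixed header offset, so a self-extracting stub that places the ACE header later in the file would need a wider scan.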


Credit: The Hacker News By: noreply@blogger.com (Wang Wei)
