Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831)

Financially-motivated attackers have exploited a zero-day vulnerability in WinRAR (CVE-2023-38831) to trick traders into installing malware that would allow them to steal money from broker accounts. “This vulnerability has been exploited since April 2023,” says Group-IB malware analyst Andrey Polovinkin. Devices of at least 130 traders (and likely more) have been infected with malware in this campaign. CVE-2023-38831 exploited CVE-2023-38831 is a file extension spoofing vulnerability, which allowed attackers to create a modified RAR or … More →

The post …

0 day accounts analyst april attackers broker brokers cve cybercrime devices don't miss exploited group-ib hot stuff malware malware analyst money security update steal vulnerability windows winrar zero-day zero-day vulnerability