[WinRAR zero-day vulnerability used against cryptocurrency traders has been fixed]
A zero-day vulnerability was recently discovered in WinRAR software. Although it was fixed in version 6.23 on August 2, most crypto traders have not yet updated and are therefore still at risk.
Hackers can exploit this vulnerability to create malicious RAR or ZIP archives whose contents pose as harmless files, such as JPG or PDF. Once the victim clicks on such a file, the hacker can implant malware, steal cryptocurrency or remotely operate the victim's computer.
Singapore-based information security company Group-IB disclosed this intelligence on August 23, stating that hackers pretending to be traders had published posts containing links to malicious ZIP archives on multiple trading forums. After a victim clicks on the link, their computer is infected with malware such as DarkMe, GuLoader and Remcos RAT. DarkMe has been used in attacks on cryptocurrency and finance targets.
At least 130 devices are currently infected, and the damage is yet to be determined. If you suspect you have been infected, please change your password immediately, scan your computer and notify your exchange.