Russian State-Sponsored Hacking Group Abusing WinRAR Vulnerability To Target Embassies

Another Russian state-sponsored hacking group, APT29, also known as UNC3524, NobleBaron, Dark Halo, NOBELIUM, Cozy Bear, CozyDuke, and SolarStorm, is exploiting the CVE-2023-38831 vulnerability in WinRAR for cyberattacks.

APT29 has been targeting embassy entities by using a lure related to a BMW car sale.

The security flaw in WinRAR versions before 6.23 allows the creation of .RAR and .ZIP archives that execute background code for malicious purposes. This zero-day vulnerability, exploited since April, is being used by threat actors to target cryptocurrency and stock trading forums.

