The National Telecommunication and Information Security Board (NTISB) hasissued a cybersecurity advisory named “WinRAR Critical VulnerabilityExploitation via Phishing Emails.”
According to the advisory, hackers have been targeting users throughphishing emails that contain attachments of password-protected WinRAR zipfiles. When these rare files are unzipped, malware is automaticallyexecuted, taking advantage of the WinRAR remote code executionvulnerability (CVE-2023-40477) on the victim’s system.
Furthermore, the advisory emphasizes that exploiting vulnerabilities inWinRAR allows hackers to gain full control of users’ computers, potentiallyleading to actions such as stealing personal files, blocking user access,and encrypting sensitive data. These hacking attacks often involveransomware, data extraction, and data wiping.
To protect against such threats, the advisory recommends that users refrainfrom opening and downloading any suspicious email attachments, especiallythose in the form of password-protected WinRAR or WinZip files.Additionally, it advises WinRAR users to update to the latest version 6.23or higher to mitigate the risk of such attacks.
Read Top Stories
NTISB has also taken the initiative to send this advisory to both federaland provincial governments, urging them to disseminate the information totheir subordinate departments.