WinRAR: Pakistan government warns against cyber threat
Shares
The National Telecommunication and Information Security Board (NTISB) has issued a cybersecurity advisory named "WinRAR Critical Vulnerability Exploitation via Phishing Emails."
According to the advisory, hackers have been targeting users through phishing emails that contain attachments of password-protected WinRAR zip files. When these rare files are unzipped, malware is automatically executed, taking advantage of the WinRAR remote code execution vulnerability (CVE-2023-40477) on the victim's system.
Furthermore, the advisory emphasizes that exploiting vulnerabilities in WinRAR allows hackers to gain full control of users' computers, potentially leading to actions such as stealing personal files, blocking user access, and encrypting sensitive data. These hacking attacks often involve ransomware, data extraction, and data wiping.
To protect against such threats, the advisory recommends that users refrain from opening and downloading any suspicious email attachments, especially those in the form of password-protected WinRAR or WinZip files. Additionally, it advises WinRAR users to update to the latest version 6.23 or higher to mitigate the risk of such attacks.
NTISB has also taken the initiative to send this advisory to both federal and provincial governments, urging them to disseminate the information to their subordinate departments.