Hackers exploit WinRAR zero-day bug to steal funds from broker accounts

Cybercriminals are exploiting a zero-day vulnerability in WinRAR, the venerable shareware archiving tool for Windows, to target traders and steal funds.
Cybersecurity company Group-IB discovered the vulnerability, which affects the processing of the ZIP file format by WinRAR, in June. The zero-day flaw — meaning the vendor had no time, or zero days, to fix it before it was exploited — allows hackers to hide malicious scripts in archive files masquerading as “.jpg” images or “.txt” files, for example, to compromise target machines.
Group-IB says hackers have been exploiting this vulnerability s

リンク元