WinRAR happens to be one of the most popular Windows PC apps. In fact, almost every PC or laptop user installs WinRAR to be able to extract .zip files. Recently, it was discovered that each and every version of WinRAR released in the last 19 years includes security vulnerability. If exploited, it can allow hackers to gain unauthorised access to your computer. In what could be bad news for WinRAR users, McAfee experts believe there are a hundred ways to exploit the vulnerability and the number is expected to grow bigger.
A 19-year old security vulnerability discovered in WinRAR is capable of creating malicious RAR archives. When these archives are extracted, a malicious .exe file is quietly slipped into Windows’ Startup folder. So, whenever you boot into Windows, it will be automatically launched. Interestingly, these EXE files are given innocent-looking names like GoogleUpdate.exe, explains Kaspersky.
Attacks try to lure victims into downloading the malicious archive sent over email and unpack it onto their computer. There are different ways hackers can lure you into installing these malicious files. For example, sometimes, they promise to share adult images or job offer. Sometimes, hackers even alert you of a terrorist attack risk. In a nutshell, the idea here is that these files don’t seem harmful.
“In some cases, malefactors pretend to send some technical documents or inform you about recent changes to local legislation. Some even invite you to download a pirated copy of a hit album, for example, by Ariana Grande,” said Kaspersky in its blog post.
The payload might differ. It can be remote access tools that allow hackers to capture your screen and upload or download files to or from your device. It can also be banking Trojan and more. The most recent example is JNEC.a. It’s a ransomware that locks all your files and demands a ransom in order to unlock them.
If you are a WinRAR user, here are some tips you can follow: