The National Telecommunication and Information Security Board (NTISB) has issued a cyber security advisory named “WinRAR Critical Vulnerability Exploitation via Phishing Emails”

According to the advisory, hackers are targeting users with improvised phishing emails containing attachments of password-protected WinRAR zip files. Upon unzipping the rare files, malware automatically executes by exploiting WinRAR remote code execution vulnerability (CVE-2023-40477) on the victim’s system.

According to the advisory, using vulnerabilities in WinRAR hackers can get full control of user’s computers, they can steal personal files, block the access of users, and encrypt sensitive data etc. Ransomware, data extraction and data wiping etc. are common in these hacking attacks.

The advisory suggested the users not open and download any suspicious email attachments, especially password-protected WinRAR/WinZip files. The advisory has suggested WinRAR users update to the latest version 6.23 or above to avoid such attacks.

NTISB has sent this advisory to the Federal and Provincial governments. The federal and provincial governments have been asked to extend this advisory to subordinate departments.

Source: Pro Pakistani