Crypto Investor: a vulnerability on Windows that can put your funds at risk!

Cryptocurrency protocols are the new targets of hackers. Billions of dollars have already been lost as a result of hacks of these networks. Windows could be the next victim due to a security vulnerability detected in WinRAR, which puts crypto investors’ funds at risk. This is related to remote code execution which is particularly dangerous for investors.

WinRAR Security Flaw on Remote Code

The WinRAR security vulnerability affects remote code execution on Windows systems. For crypto investors, this poses a danger because a hacker can exploit this vulnerability. It consists of convincing the target to visit the malicious web page to execute code remotely. Zero Day Initiative explains that the problem is due to the data provided by the user not being properly validated. This can cause a memory access after an allocated buffer has finished.

Avoid downloading files from untrusted sources which can easily fall victim to vulnerabilities 0day from WinRAR. These are exploited by a small number of attackers when the system administrators have not yet patched the flaws. A researcher discovered and reported this last vulnerability called goodbyeselene on June 8, 2023. However, it cannot be determined how long it has been active.

The precautions to take

The hacker exploits the security vulnerability by tricking the user into downloading a RAR file which is executable using WinRAR. It remotely executes the backdoor when you open the file. The attacker will then gain access to all of your wallet information through a remote access Trojan. He can then remotely control everything the user does on his computer.

WinRAR released a new version 6.23 on August 2, 2023 to fix the issue. Users should then immediately update their version from the official website. You should also avoid downloading files from untrusted sources. Finally, it is advisable to use paid antivirus programs to protect your cryptocurrency funds.

Receive a digest of news in the world of cryptocurrencies by subscribing to our new service of newsletter daily and weekly so you don’t miss any of the essential Tremplin.io!

Similar Posts