Financially motivated attacks have exploited a zero-day vulnerability in WinRaR to trick traders into installing malware. This malware allows them to steal money from broker accounts. The attackers are able to create a modified RAR or ZIP archive containing harmless and malicious files. When these files are opened malware gets installed, which allows the attackers to gain access to the victim’s computer. Fortunately, a fix is available in the latest WinRaR update.
Read more: https://www.helpnetsecurity.com/2023/08/23/cve-2023-38831-exploited/