In a recent post on X (formerly Twitter), Web3 cybersecurity firm SlowMist warns Windows users about a recently discovered vulnerability in WinRAR, a popular file archiving utility developed for Microsoft’s operating systems. Although the vulnerability was originally discovered by Group- IB researcher Andrey Polovinkin on June 8, 2023, and fixed in an August 2 WinRAR 6.23 update, SlowMist emphasizes that "'WinRAR Vulnerability Detection Tool' may be a malicious phishing program."
"The specific flaw exists within the processing of recovery volumes. The issue results from the lack of proper validation of user-supplied data, which can result in memory access past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process," Zero Day Initiative, an international software vulnerability initiative, described the issue, which is tracked as CVE-2023-40477.
To exploit the vulnerability, a malicious actor needs user interaction, which can be done via a phishing website or a compromised archive file.
Meanwhile, SlowMist released its weekly security report yesterday. Although the company identified ten major security incidents between August 14 and 20, it stressed that there could have been more. Total losses from the security breaches amounted to nearly $20 million.
Some of the exploits reported by SlowMist included the $2.2 million hack of Zynami Protocol on August 14, the loss of nearly $868,000 to the RocketSwap hack, and the embezzlement of more than $4.6 million by the SwirLend team across the Base network.
Other Web3 projects affected this week included the BNB Chain-based Thales wallet and Harbor Protocol, while Exactly Protocol experienced one of the largest exploits of the week, resulting in losses of over $12 million.