Update WinRAR: Hackers are exploiting 19-year-old bug, installing hard-to-detect malware

Last month, a critical vulnerability was flagged in WinRAR, a bug that opened gates for attackers to install malware on PCs hosting the software.

It had existed in the software for about 19 years but was fixed immediately after being flagged.

But, as many have still not installed the patch, opportunistic hackers are exploiting the bug to install hard-to-detect malware on computers, reports McAfee.

The code execution vulnerability, first discovered by Check Point Research, revolves around hackers packaging a malformed ACE file with a RAR extension.

When this package is extracted through any version of WinRAR released over the last 19 years, it exploits the vulnerability and adds a malicious payload into the startup folder of the PC - without any kind of system alert.

Once installed, the malicious payload awaits for a system restart to start running.

When this happens, it activates and installs a generic trojan compromising the PC.

It is not exactly clear how the trojan affects the computer, but Chronicle-owned VirusTotal service claims it was detected by some nine antivirus providers (including McAfee), which clearly shows the risk it poses.

In the first week of disclosure, McAfee detected over 100 unique exploits (and counting) of the WinRAR vulnerability.

Most of the targets were US-based, but the attack clearly shows anyone using an old version of the software is not safe.

Notably, hackers are using different ways, including an illegal copy of Ariana Grande's latest album Thank U, Next, to attack vulnerable WinRAR users.

Having said that, if you're one of the 500 million people using WinRAR, it is important to update the program to version 5.70 immediately.

Alternatively, you could ditch the software altogether and switch to some other extraction tool like 7zip.

Also, install a reliable antivirus program on your PC so that vulnerabilities are flagged and removed in time.