    WinRAR flaw exploited by hackers to spread malware

    A critical WinRAR flaw is being exploited by hackers to deliver malware. Update to version 7.13 now to secure your system.

    A critical WinRAR flaw is now being used by hackers to push malware onto victims’ devices. Security firm ESET says the vulnerability, labeled CVE-2025-8088, allows attackers to take control of file extraction paths and execute harmful code. The Russian-aligned RomCom group is already targeting users through phishing campaigns.

    Normally, WinRAR extracts files to the folder a user selects. However, this flaw lets a malicious archive redirect files to a hacker’s chosen location. From there, the attacker can run rogue programs on Windows PCs, creating an open door for data theft and further infections.

    ESET has tracked spearphishing emails carrying booby-trapped RAR files. Once opened, these archives use the vulnerability to install RomCom backdoors. Past versions of RomCom malware have stolen sensitive data, disabled security tools, and downloaded additional malicious software.

    Key attack details:

    • Delivered through phishing emails with RAR attachments
    • Exploits CVE-2025-8088 to bypass safe extraction
    • Linked to Russia-aligned RomCom hacking group

    WinRAR 7.13 Final contains the fix. However, because the program lacks automatic updates, users must download and install the patch themselves. Delaying the update leaves your system open to ongoing attacks.
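Because the update has to be installed by hand, it helps to confirm which machines are still running an older build. The PowerShell below is an added example, not code from ESET or WinRAR: it reports any WinRAR.exe older than 7.13. It assumes the default install locations and that the executable's version resource mirrors the release number; the function names are hypothetical.

```powershell
# Added example: report WinRAR installs older than 7.13, the fixed release named above.
# Assumption: WinRAR sits in a default location or is registered under App Paths.
$FixedVersion = [version]'7.13'

function Get-WinRarCandidate {
    # Collect possible WinRAR.exe locations from the App Paths registry keys
    # and the default Program Files directories, de-duplicated.
    $paths = @()
    $appPathKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WinRAR.exe',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\App Paths\WinRAR.exe'
    )
    foreach ($key in $appPathKeys) {
        $item = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
        if ($item -and $item.'(default)') { $paths += $item.'(default)'.Trim('"') }
    }
    foreach ($root in @($env:ProgramFiles, ${env:ProgramFiles(x86)})) {
        if ($root) { $paths += (Join-Path $root 'WinRAR\WinRAR.exe') }
    }
    $paths | Where-Object { $_ -and (Test-Path -LiteralPath $_) } | Sort-Object -Unique
}

function Test-WinRarPatched {
    param([Parameter(Mandatory)][string]$Path)
    $info = (Get-Item -LiteralPath $Path).VersionInfo
    # Use the numeric parts of the version resource rather than parsing
    # the display string, which may carry extra text.
    $found = [version]::new($info.FileMajorPart, $info.FileMinorPart)
    [pscustomobject]@{
        Path    = $Path
        Version = $found
        Patched = ($found -ge $FixedVersion)
    }
}

$results = @(Get-WinRarCandidate | ForEach-Object { Test-WinRarPatched -Path $_ })
if ($results.Count -eq 0) {
    Write-Output 'No WinRAR.exe found in the checked locations.'
} else {
    $results | Format-Table -AutoSize
    foreach ($r in $results | Where-Object { -not $_.Patched }) {
        Write-Warning "$($r.Path) is version $($r.Version); install 7.13 or later."
    }
}
```

Portable copies kept outside these locations are not found by this check and need to be located separately.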

    Threat actors are already exploiting this flaw in the wild. Even careful users can be tricked by convincing emails. By updating immediately, you shut down an active infection route and protect sensitive files. The patch process is quick, but waiting could have lasting consequences.
