Hackers can use WinZip insecure server connection to drop malware
The server-client communication in certain versions of the WinZip file compression tool is insecure and could be modified to serve malware or fraudulent content to users.
WinZip has been a long-standing utility for Windows users with file archiving needs beyond the support built into the operating system.
WinZip is currently at version 25, but earlier releases check the server for updates over an unencrypted connection, a weakness that could be exploited by a malicious actor.
Given the insecure nature of the communication channel, Rakhmanov says that the traffic can be "grabbed, manipulated, or hijacked" by an attacker on the same network as the WinZip user.
This will stop the client from querying the WinZip server for the availability of a new version.