News

Crypto Wallets Not Safe Due to 14-Year-Old WinRAR Exploit

The discovery of an exploit on a standard version of WinRAR has created unrest because of the threat it poses to coins, according to a Bitcoin subreddit user. More alarming is the fact that this bug, which made it possible for executable code to be put inside a system after a RAR file has been opened, has existed for 14 years and is only being discovered recently. Now that its existence has come to light, exploits are likely to be written for unpatched systems.

WinRAR Salvages Situation, Ace Discarded

The only way to get ahead of this problem is to patch it, and that can only be done by getting WinRAR updated to the latest version from an authorized source. WinRAR has about 500 million users worldwide, making it one of the most popular softwares in existence.
According to the user:

“Here is how it works. You open the wrong rar file with an unpatched version of winrar, and a payload is dropped in to your windows startup folder. Which means on reboot you will load up an exe. And nobody ever updates their winrar. […]  So there are probably at least a 100 million computers with an unpatched version of winrar on it.”

Crypto Security Hinges On Its Operating Environment

When the execution of code is enabled, anything designed to steal the contents of Bitcoin wallets could very well advance without any hindrance. When choosing a computer for Bitcoin transactions, a general purpose computer should not be considered. But if one must be used, then an antivirus software will make a nice addition.
unlocked lock
The origin of the bug can be traced to a library used by WinRAR to process ACE archive files. Those who are credited with the discovery of the bug found a way to execute with typical privileges by having the exploit moved around on the hard drive. WinRAR has withdrawn its support for ACE files.

“WinRAR has always been known for its wide support of all popular compression formats. […] Since UNACEV2.DLL had not been updated since 2005 and access to its source code is not available, the decision was made to drop ACE archive support starting with WinRAR 5.70. Now, after the launch of the final and stable version of WinRAR 5.70, upgrading immediately to the new 5.70 version is highly recommended.”

The security of cryptocurrency truly rests on the environment it operates in, and that is why the importance of good security practices cannot be over emphasized, especially if one needs to store a high amount of cryptocurrency.

Related posts
BitcoinBitcoin NewsbtcusdBTCUSDCBTCUSDTETFNewsxbtusd

Bitcoin May Never Go Below $50k Once An ETF Is Approved, Declares On-Chain Analyst

Bitcoin may never drop below $50k asserts on-chain analyst Ki-Young Ju. But as usual, there are conditions that follow this possibility. In a tweet, Ju analyzed that Bitcoin could follow the same path that gold took in 2004 when the first…
BitcoinBitcoin NewsbtcusdBTCUSDCBTCUSDTNewsxbtusd

Quarterback Star Tom Brady Breaks Internet After Showing Interest In Bitcoin

Tom Brady, the American athlete who is widely regarded as the “greatest” quarterback in NFL history is the latest celebrity to show interest in the world’s most valued cryptocurrency Bitcoin. Brady who has a massive Twitter following of 1.9 million…
BitcoinBitcoin NewsbtcusdBTCUSDCBTCUSDTNewsxbtusd

Almost $200 Billion Worth Of Bitcoin Is Currently At Risk – Report Warns

A recently published 2021 crypto report by Opimas LLC, a finance-based management consultancy firm, has revealed that approximately 3,480,000 out of the world’s mined 18.5 million Bitcoin, stands vulnerable to attacks as a result of improper safekeeping. The 36-page report…