All Tech Blogs Explore Tags Send Feedback

Endigest

© 2026 Endigest. All rights reserved.

About
Privacy
Terms
Contact
RSS

WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine | Endigest

The Hacker News

|Security

WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine

2026-06-09

1 min read

0

by info@thehackernews.com (The Hacker News)

Get the latest tech trends every morning

Receive daily AI-curated summaries of engineering articles from top tech companies worldwide.

Email address

Endigest AI Core Summary

Russian-backed cyber attack groups exploited a WinRAR vulnerability (CVE-2025-8088) to deploy information stealers against Ukrainian targets.

•SHADOW-EARTH-066 uses RAR archives with hidden NTFS ADS payloads to deliver GIFTEDCROOK stealer
•Earth Dahu deploys GammaPhish HTA and GammaLoad VBScript modules for ongoing espionage
•CVE-2025-8088 enables path traversal via NTFS ADS to write files outside extraction directory
•Malware steals browser passwords, cookies, and specific documents from victim machines
•Attackers switched from Telegram to dedicated C2 servers for command and control

This summary was automatically generated by AI based on the original article and may not be fully accurate.

Related Articles

The Hacker News

Sniper Dz Scams Target MENA Users via Fake Facebook Offers and Browser Alerts

Security·2026-06-15

The Hacker News

Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw

Security·2026-06-15

The Hacker News

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

Security·2026-06-13

The Hacker News

Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit

Security·2026-06-12