SECURITYTHE HACKER NEWS
Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine
The Russian hacking group Gamaredon is exploiting a WinRAR vulnerability (CVE-2025-8088) to deliver malware families like GammaWorm, GammaSteel, and GammaPhish, targeting data theft and propagation. Sekoia reports that the attack chain uses a path traversal flaw in WinRAR to deploy an HTML Application payload for further malicious activity.
Mentioned
Related Signal
Adjacent reporting
- North Korea's Lazarus Targets macOS Users via ClickFix
- ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows
- North Korea Uses ClickFix to Target macOS Users' Data
- MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack
- Russia's Forest Blizzard Nabs Rafts of Logins Via SOHO Routers
- North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware