#1
15th Mar 2019 at 5:06 PM
Posts: 851
WINRAR Actively exploited to Install Hard-to-detect malware
Because a lot of us use programs to zip our files, I thought I would share this. According to a lot of technical information websites, a bug in older versions of WinRAR is allowing hackers to install malware. Be careful when downloading TORRENT files especially (anyway?) because this platform is also targeted.
The gist of the article is update your version of WinRAR to the latest version 5.7 winrar latest version
Alternately, you can also use 7Z
#2
15th Mar 2019 at 5:10 PM
Last edited by simmer22 : 16th Mar 2019 at 2:14 AM.
Posts: 12,852
Thanks: 3 in 1 Posts
Do you have a link to the article?
Personally, I never auto-extract files - I open the archive and mark the files, moving them over to a folder manually. That way I don't accidentally extract hidden files. Not sure if it helps, but so far I haven't had issues with malware from archive folders.
I've also fixed settings so most programs, downloads and installs don't start without a warning (basically the Windows settings on one of the highest settings, which makes the "do you want to run this program?" window pop up). I know some people find this annoying, but I don't mind too much. If it can help hinder malware, I don't mind at all. I'm also very careful of what I download and where I download from, and I'm always skeptical when visiting new sites. I've also turned browser settings on high, so they don't download stuff I don't know about.
My site - TS2 baby stuff - ToU
My stories: Anna's diary - Memories are forever - Little Fire Burning
#4
15th Mar 2019 at 6:10 PM
Posts: 3,361
Thanks: 295 in 4 Posts
People still use Winrar? Shit, I haven't used it since I found IZarc.
Because the earth is standing still, and the truth becomes a lie
A choice profound is bittersweet, no one hears Cassandra Goth cry
Help contribute to Plot of Land - Rural Desert Nhood?
#5
15th Mar 2019 at 6:23 PM
WinRAR automatically updated on me sometime last week. This is probably why, so mystery solved.
#6
15th Mar 2019 at 11:48 PM
Posts: 6,223
I've learned over the years that you never, ever download a torrent file. They're notorious for having malware in them, and because it's torrent, you gets what you pays for.
Receptacle Refugee & Resident Polar Bear
"Get out of my way, young'un, I'm a ninja!"
Grave Matters: The funeral podium is available here: https://www.mediafire.com/file/e6tj...albits.zip/file
My other downloads are here: https://app.mediafire.com/myfiles
#7
16th Mar 2019 at 12:23 AM
Posts: 7,361
Thanks: 2933 in 27 Posts
Quote: Originally posted by HarVee
People still use Winrar? Shit, I haven't used it since I found IZarc.
I had IZarc for the longest time, until I started modding for Minecraft, and was told WinRAR was the only program able to open files associated with it, so I downloaded it.
Now though, it's WinRAR that deals with every zip I have, create etc...and I HATE this.
#8
16th Mar 2019 at 1:16 AM
Posts: 9,810
Thanks: 415 in 15 Posts
Quote: Originally posted by Rosebine
I had IZarc for the longest time, until I started modding for Minecraft, and was told WinRAR was the only program able to open files associated with it, so I downloaded it. Now though, it's WinRAR that deals with every zip I have, create etc...and I HATE this.
If it's RAR5, 7-Zip and Bandizip can both open it.
I'm secretly a Bulbasaur. | Formerly known as ihatemandatoryregister
Looking for SimWardrobe's mods? | Or Dizzy's? | Faiuwle/rufio's too! | smorbie1's Chris Hatch archives
#9
16th Mar 2019 at 8:14 AM
Last edited by Sims2Christain : 16th Mar 2019 at 12:35 PM.
Posts: 1,136
Thanks: 71 in 2 Posts
So many grammatical errors
I've not had issues with WinRAR but this is good to know. I always extract files manually but by then it's already been downloaded so it's too late to do anything about it if there's any malware. Not that I've come across any recently, and when I finish my computer goes straight into airline mode. Not that it will help against already installed malware. If it exists on my PC then the antivirus programs should pick up on it soon enough after new updates.
#10
16th Mar 2019 at 11:20 AM
Posts: 10,765
Thanks: 5424 in 47 Posts
The article mentioned bootlegged stuff. If you pirate it you deserve the malware.
#11
16th Mar 2019 at 5:08 PM
Posts: 495
Quote: Originally posted by chicvibe
Because a lot of us use programs to zip our files, I thought I would share this. According to a lot of technical information websites, a bug in older versions of WinRAR is allowing hackers to install malware. Be careful when downloading TORRENT files especially (anyway?) because this platform is also targeted. the gist of the article is update your version of WinRAR to the latest version 5.7 winrar latest version alternately, you can also use 7Z
My experience, never download any files from TORRENT!!! They are indeed virus files.
#12
16th Mar 2019 at 5:37 PM
Quote: Originally posted by suzymarie64
My experience, never download any files from TORRENT!!! They are indeed virus files.
No, in general, they aren't. Antivirus software will flag key generators (the thing you use to generate a serial number if you're downloading software you don't actually own, which are often included in torrents of games and other software), but those aren't viruses, either. It's a false positive. The torrents themselves don't generally contain harmful stuff; that's just what's said to scare people away. Torrenting SITES, on the other hand? That's what you need to watch out for. Generally, you can't get to torrents without visiting a search site to find them, and that's where trouble happens for the unwary who just want a free game or something, who go to such sites without being well-firewalled and VPN'ed and stuff. Which you ought to be if you're on the Internet at all anyway, if you're smart.
As for malware: Get good software that prevents you from getting it in the first place. Spybot's good, even its free version. If you already have malware, antivirus programs can be hit-and-miss with detecting and removing it (viruses are only one type of malware), but a more specialized program like Malwarebytes works well, especially if you get the not-free version. Use that, Spybot, and a good antivirus program, and religiously keep all of them updated, and you'll be well-served.
As for unpackers: For heaven's sake, use 7-Zip. It'll unpack pretty much everything. Just set it as the default unpacker for every file type it recognizes. It's free and open-source, too.
I'm mostly found on (and mostly upload to) Tumblr these days because, alas, there are only 24 hours in a day.
Muh Simblr! | An index of my downloads on Tumblr.
#13
16th Mar 2019 at 8:34 PM
Posts: 1,129
Thanks: 108 in 1 Posts
"torrent" is just a protocol. If you want to steer clear of torrents at all, you should never update Windows (because IIRC that's the protocol of the updates since Vista - keeping things really simple). Oh... you cannot. Well... speaking of malware.
I'd not encourage anybody to go into "torrenting" in any form without some basic knowledge, not only in the basics of computer hygiene and at least elementary competence in networking *and* some enlightenment in local application of law. Because in this protocol any peer is both the host and the server. Which means (in plain English) that you're not only downloading but also redistributing the content in question; even if you disable shares, you're still part of the chain, which may lead you into legal trouble if within said chain part of the transmitted data is copyrighted, for example. And while the 1st may be completely (or barely) legal in your country, the second definitely won't be.
And there's the question of source. Injecting the link from a trusted repository is as safe as it can be in the world in its current state of madness and stupidity. But if you wanna torrent that cute Sims expansion you lack, well - that's a bad idea.
Quote:
As for unpackers: For heaven's sake, use 7-Zip. It'll unpack pretty much everything. Just set it as the default unpacker for every file type it recognizes. It's free and open-source, too.
I second that. Why would you use a worse program with laughable encryption when you can use a better, faster and safer one, not only without a charge but also well curated and maintained?
favorite quote: "When ElaineNualla is posting..I always read..Nutella. I am sorry" by Rosebine
self-claimed "lower-spec simmer"
#14
16th Mar 2019 at 10:21 PM
Posts: 7,376
Thanks: 4 in 2 Posts
Well, glad I have nothing to worry about. Because I have no clue what everyone is talking about. So I'll just be leaving then.
Stand up, speak out. Just not to me..
#15
16th Mar 2019 at 10:54 PM
Posts: 689
People seriously still spread the "torrentz are teh evilest thing online they will give you nothing but viruses!" mantra? You're more likely to get malware or virus from a shady ad popping up on adfly page than from a torrent downloaded from popular/safe source. Keywords being 'popular & safe source', if you grab your files from shady sites you're kind of begging for trouble regardless of what you're downloading.
#16
19th Mar 2019 at 11:38 AM
Posts: 6,223
Well, about that WinRAR exploit - it is worse than anyone expected. McAfee is still identifying the exploits going on:
WinRAR patch is issued but the unpatched are at risk
Receptacle Refugee & Resident Polar Bear
"Get out of my way, young'un, I'm a ninja!"
Grave Matters: The funeral podium is available here: https://www.mediafire.com/file/e6tj...albits.zip/file
My other downloads are here: https://app.mediafire.com/myfiles
#17
19th Mar 2019 at 2:23 PM
Posts: 536
Quote: Originally posted by iCad
No, in general, they aren't. Antivirus software will flag key generators (the thing you use to generate a serial number if you're downloading software you don't actually own, which are often included in torrents of games and other software), but those aren't viruses, either. It's a false positive. The torrents themselves don't generally contain harmful stuff; that's just what's said to scare people away. Torrenting SITES, on the other hand? That's what you need to watch out for. Generally, you can't get to torrents without visiting a search site to find them, and that's where trouble happens for the unwary who just want a free game or something, who go to such sites without being well-firewalled and VPN'ed and stuff. Which you ought to be if you're on the Internet at all anyway, if you're smart. As for malware: Get good software that prevents you from getting it in the first place. Spybot's good, even its free version. If you already have malware, antivirus programs can be hit-and-miss with detecting and removing it (viruses are only one type of malware), but a more specialized program like Malwarebytes works well, especially if you get the not-free version. Use that, Spybot, and a good antivirus program, and religiously keep all of them updated, and you'll be well-served. As for unpackers: For heaven's sake, use 7-Zip. It'll unpack pretty much everything. Just set it as the default unpacker for every file type it recognizes. It's free and open-source, too.
Just reposting what iCad said. For searching for malware, using something other than anti-virus is a must, as it doesn't pick up everything. Malwarebytes is very good for using after your anti-virus.
I'm still using Win-RAR though.
There's no drama, like Sims drama.
Currently Playing: Sims 2 again!
#18
19th Mar 2019 at 2:26 PM
Posts: 10,765
Thanks: 5424 in 47 Posts
Oh good, I have the latest patch, so I'm fine.
#19
19th Mar 2019 at 5:28 PM
Posts: 9,810
Thanks: 415 in 15 Posts
The exploit itself is actually in the library used to extract ACE archives, which is removed in newer versions and not even present in 7-Zip. I would guess that the infected "RAR" file is probably just an ACE with a renamed extension. That wouldn't even open in 7-Zip, which lacks ACE support.
I'm secretly a Bulbasaur. | Formerly known as ihatemandatoryregister
Looking for SimWardrobe's mods? | Or Dizzy's? | Faiuwle/rufio's too! | smorbie1's Chris Hatch archives
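Added example, not part of any post in this thread: a defensive check for the case post #19 describes, an ACE archive hiding behind another extension such as .rar, done by reading the file's leading bytes instead of trusting its name. The file names and header stubs in `demo()` are constructed for illustration and are not real archives.

```python
import os
import tempfile

# Well-known leading signatures of the formats named in the thread.
SIGNATURES = {
    "rar": (b"Rar!\x1a\x07\x00", b"Rar!\x1a\x07\x01\x00"),  # RAR4, RAR5
    "zip": (b"PK\x03\x04", b"PK\x05\x06"),
    "7z": (b"7z\xbc\xaf\x27\x1c",),
}
ACE_MAGIC = b"**ACE**"  # located at byte offset 7 of an ACE archive header


def sniff_format(head: bytes) -> str:
    """Identify an archive by content, ignoring whatever the file is named."""
    if head[7:14] == ACE_MAGIC:
        return "ace"
    for name, magics in SIGNATURES.items():
        if head.startswith(magics):
            return name
    return "unknown"


def check_file(path: str) -> dict:
    """Compare a file's extension with the format its first bytes declare."""
    with open(path, "rb") as fh:
        actual = sniff_format(fh.read(32))
    ext = os.path.splitext(path)[1].lower().lstrip(".")
    return {"name": os.path.basename(path), "extension": ext, "actual": actual,
            "disguised_ace": actual == "ace" and ext != "ace"}


def find_disguised_ace(folder: str) -> list:
    """Names of files in `folder` that are ACE archives under another extension."""
    hits = []
    for entry in sorted(os.listdir(folder)):
        path = os.path.join(folder, entry)
        if os.path.isfile(path) and check_file(path)["disguised_ace"]:
            hits.append(entry)
    return hits


def demo() -> list:
    """Run the check over constructed header stubs (not real archives)."""
    samples = {
        "hair.rar": b"Rar!\x1a\x07\x01\x00" + b"\x00" * 24,   # genuine RAR5 signature
        "skins.rar": b"\x00" * 7 + ACE_MAGIC + b"\x00" * 18,  # ACE header, .rar name
        "lot.zip": b"PK\x03\x04" + b"\x00" * 28,
        "old.ace": b"\x00" * 7 + ACE_MAGIC + b"\x00" * 18,    # honestly named ACE
    }
    with tempfile.TemporaryDirectory() as folder:
        for name, data in samples.items():
            with open(os.path.join(folder, name), "wb") as fh:
                fh.write(data)
        return find_disguised_ace(folder)
```

Pointing `find_disguised_ace()` at a downloads folder lists the files to leave unopened; it only inspects the first bytes, so self-extracting executables that embed an ACE archive further in are out of its scope.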
#21
20th Mar 2019 at 4:35 AM
Posts: 2,885
Thanks: 17918 in 65 Posts
#22
20th Mar 2019 at 5:32 AM
Posts: 138
Thanks: 576 in 7 Posts
Stop using proprietary **** and install 7-Zip.
#23
20th Mar 2019 at 7:57 AM
Posts: 10,765
Thanks: 5424 in 47 Posts
I paid for WinRAR, because it was so useful and I haven't had any problems with it, so I'll keep using it.
#24
20th Mar 2019 at 8:51 PM
Posts: 1,129
Thanks: 108 in 1 Posts
Nobody (?) will burn you for that. I hope.
Just most Free Software* is (if curated actively) usually better and safer to use, and also standards-compliant; most proprietary software uses its own special format with no other reason than to create a jail for the user. Yeah... not to mention these hardware companies able to even invent special screws for... well - screw their clients.
But it's your choice. I've never used rar, nor ace because of their slowness, weak encryption (like Word level weak), non-standard format, and overall peskiness.
*It's not the same as "Open Source", please do not start the armageddon there
favorite quote: "When ElaineNualla is posting..I always read..Nutella. I am sorry" by Rosebine
self-claimed "lower-spec simmer"
#25
20th Mar 2019 at 10:37 PM
Last edited by Bulbizarre : 20th Mar 2019 at 10:52 PM.
Posts: 9,810
Thanks: 415 in 15 Posts
There's a few advantages of rar over 7Z, such as error correction, but I prefer the better compression.
I'm secretly a Bulbasaur. | Formerly known as ihatemandatoryregister
Looking for SimWardrobe's mods? | Or Dizzy's? | Faiuwle/rufio's too! | smorbie1's Chris Hatch archives