When playing with crypto watch out for things like the WinRAR vulnerability
2 min read
So something that comes up once in a while is a legit software like WinRAR might have a security problem, and in many cases it has been patched but people don’t update to the newest. This leading to major problems.
This is my example for this case: https://www.zerodayinitiative.com/advisories/ZDI-23-1152/
I’m using WinRAR as an example because with this vulnerability by going to a malicious website or opening an infected file this basically gives access to your machine. The vulnerability was found 2 months ago, and has been patched.
Now the thing is, if you have a ton of left over software on your machine that you don’t use. It is best to look at cleaning things up once in a while because this could be used as a path. In some cases the what could happen is whatever uploaded could look for things referencing crypto, password, important, etc on your local system. Or it can monitor and look for things like your seed phrase or screw with things as you try to use a given site. This making it where instead of signing a smart contract of your favorite DEX you signed a hackers smart contract.
TLDR
If you aren’t going to use given programs on your computer for a long while. Think about getting rid of them. And if you do decide to horde it, then think about keeping them on an external drive.
And anything you are going to have on your computer, make sure it stays up to date and watch out for things like this.
submitted by /u/crua9
[link] [comments]
