WinRAR Exploit Allows Coin Wallet Theft, But It Has Survived 14 Years Without Any Public Knowledge
Most cryptocurrency exchanges have some kind of auditing performed on their platform periodically, determining if there are any glitches or bugs that would inhibit the safety of consumers. There is a trialware product called WinRAR, which is a file archiver utility for Windows operating systems. It allows for the unpacking of many archive file formats. According to a recent post from a user on the Bitcoin subreddit, there is an exploit for the common version of this trialware that allows executable code to be planted on a system for the theft of cryptocurrency.
The fact that cryptocurrency can be infiltrated in this way is already stunning enough, but the user revealed that this bug has existed for 14 years without being detected until now. Considering that the crypto market was not developed until 10 years ago, this means the bug was written into the code before anyone could have anticipated what it would do to future technologies.
To fix the problem, users only need to download the latest version from an official source. However, WinRAR is used by about 500 million users, and it is one of the most common pieces of software ever available. The user notes that all it takes is opening the wrong RAR file, and a payload is put directly into the startup folder for Windows. As soon as the computer is rebooted, the exe file runs. The user adds that no one ever updates their WinRAR, so most installations would not have the fix.
Once that code runs, it is fairly easy for Bitcoin wallets to be stolen from. Most investors know that they should not perform any crypto interactions on a general-purpose computer if they can avoid it. In the event that they choose to use one, anti-virus software should already be installed. The risk all depends on the user, with hardware wallets easily being the safest way to protect holdings.
The library that WinRAR uses to process ACE archive files is responsible for this bug, so the creators of WinRAR have chosen to no longer support these kinds of files at all, making the bug useless. However, as stated above, the updated version is necessary to avoid it. The code had remained untouched since 2005, but the stable version can protect users.
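A defender-side check for the ACE handling described above, as an added example that is not from the original article or from WinRAR: it walks a directory and flags files whose content carries the ACE signature (`**ACE**` at byte offset 7), noting when the extension hides that. It assumes an unpatched WinRAR chooses its parser from file content rather than from the file name, which is how a file named `.rar` can reach the ACE library; the function names and sample files are constructed for illustration.

```python
import os
import tempfile

# Format signatures as (offset, bytes). The ACE marker sits 7 bytes into the file.
SIGNATURES = {
    "ace": (7, b"**ACE**"),
    "rar": (0, b"Rar!\x1a\x07"),
}

def sniff_format(path):
    """Return 'ace', 'rar' or None based on the file's leading bytes."""
    with open(path, "rb") as fh:
        head = fh.read(16)
    for name, (offset, magic) in SIGNATURES.items():
        if head[offset:offset + len(magic)] == magic:
            return name
    return None

def find_ace_archives(root):
    """Walk root; return (path, disguised) for every ACE-format file found."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            full = os.path.join(dirpath, fname)
            try:
                fmt = sniff_format(full)
            except OSError:
                continue  # unreadable file: skip it rather than abort the scan
            if fmt == "ace":
                ext = os.path.splitext(fname)[1].lower()
                hits.append((full, ext != ".ace"))
    return sorted(hits)

def build_samples(root):
    """Write constructed sample files: signature bytes only, no archive content."""
    samples = {
        "invoice.rar": b"\x00" * 7 + b"**ACE**" + b"\x00" * 8,  # ACE bytes, .rar name
        "backup.rar": b"Rar!\x1a\x07\x00" + b"\x00" * 9,        # genuine RAR signature
        "old.ace": b"\x00" * 7 + b"**ACE**" + b"\x00" * 8,      # ACE, honestly named
        "notes.txt": b"hello",                                  # shorter than the offset
    }
    for name, data in samples.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_samples(tmp)
        for path, disguised in find_ace_archives(tmp):
            print(("DISGUISED " if disguised else "ace       ") + os.path.basename(path))
```

On a mail gateway or download folder, any hit with `disguised` set is worth quarantining until the installed WinRAR is confirmed to be the updated version.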
Still, there is a major problem in crypto security that this event sheds light on: a user is only as secure as the location of their crypto operations. Windows has been the least secure operating system for quite some time, but its popularity seemed to take precedence for users. When storing cryptocurrency, the primary goal should be to maintain good security practices. Considering that this new crypto era gives a financial incentive to attackers, every protection and security measure is a necessity for token holders.