An other supply chain attack

Andrew3000

Andrew3000

Level 11
Thread author
Verified
Top Poster
Malware Hunter
Well-known
Feb 8, 2016
516
The official Italian reseller of WinRar was attacked, and the legit file has been replaced with a ransomware. I contacted them to inform them of the problem. What do you think about the attacks on the supply chain? Are they becoming an increasingly difficult problem to manage?

215279

Virustotal: VirusTotal

AnyRun: WinRAR-x64-571it (1).exe (MD5: FD3F3AF76D31D8F134E2E02463D89D29) - Interactive analysis - ANY.RUN
 
  • Like
  • Wow
  • +Reputation
Reactions: plat, oldschool, Viking and 7 others
Dave Russo

Dave Russo

Level 21
Verified
Top Poster
Well-known
May 26, 2014
1,056
Thanks,Did you detect this at home?,I did not notice on virus total, the date or time of first detection,thanks for the post,its said 31 minutes ago but that time dos"t seem to correspond with your post
 
  • Like
Reactions: roger_m and Andrew3000
Andrew3000

Andrew3000

Level 11
Thread author
Verified
Top Poster
Malware Hunter
Well-known
Feb 8, 2016
516
Dave Russo said:
Thanks,Did you detect this at home?,I did not notice on virus total, the date or time of first detection,thanks for the post,its said 31 minutes ago but that time dos"t seem to correspond with your post
Click to expand...

Yes, last night while I was doing some tests on samples and I needed to download winrar on the windows' sandbox, so I downloaded the exe from their site and as soon as I finished downloading I realized that something was wrong. I did so many tests and scans, it was a ransomware. Sodinokibi is attacking hard in Italy.
 
  • Like
  • Applause
Reactions: roger_m, plat, Dave Russo and 3 others

Similar threads

Lymphocyte
    • Like
Security News North Korean hackers linked to defense sector supply-chain attack
Replies
0
Views
1,227
Security News
Lymphocyte
Lymphocyte
Gandalf_The_Grey
    • +Reputation
More APTs Eye Managed Service Providers in Supply Chain Attacks
Replies
0
Views
870
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • +Reputation
    • Like
Hackers compromise 3CX desktop app in a supply chain attack
Replies
1
Views
1,812
News Archive
vtqhtr413
vtqhtr413

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top