Summary: Attackers are actively abusing 7ZIP listings on the Microsoft App Store to spread malware, with a fake Russian-language 7ZIP package appearing in search results. Microsoft has removed the malicious software, named UTG-Q-003, after it went undetected for almost a year. The attackers used the JPHP library's "jurl" function to fetch payloads from a remote server, and the delivered malware included Redline, Lumma Stealer, and Amadey. They employed several download methods and redirected victims through compromised WordPress sites, and also used fake Cloudflare DDoS-protection pages and phishing links to compromise target hosts. The surge of malware on the Microsoft App Store may be linked to the WinRAR vulnerability. Attribution is challenging because the activity has connections to both Russia and Ukraine. #cybersecurity #malware
https://cybersecuritynews.com/malicious-7zip-on-microsoft-app-store/