Fake CVE-2023-40477 Proof of Concept Leads to VenomRAT
This article discusses a recent incident where a threat actor created a fake proof of concept (PoC) script for a vulnerability in WinRAR. The fake PoC script was based on a publicly available PoC for a different vulnerability in GeoServer. The intention of the fake PoC was not to target researchers specifically, but rather to compromise other miscreants trying to exploit new vulnerabilities. The article provides details about the fake PoC script, the infection chain it triggers, and the VenomRAT payload that is installed as a result.