Welcome back to Exploit Brokers! In today’s video, we dive
deep into a critical 7‑Zip vulnerability that’s being exploited by
Russian cybercriminals to bypass Windows’ security protections. If
you’ve used 7‑Zip at all, you need to know how this flaw can let
hackers sneak past the Mark-of-the-Web (MOTW) and deploy dangerous
malware like Smoke Loader.
We'll also explore a parallel threat in the Go
ecosystem—malicious packages exploiting caching mechanisms to gain
persistent remote access to your system. From double-zipped
archives to supply chain attacks, we break down the tactics, the
risks, and most importantly, what you can do to protect yourself
and your organization.
In this video you’ll learn:
* How the 7‑Zip vulnerability works and why updating to the
latest version is crucial.
* The role of Windows’ MOTW and how hackers are bypassing this
key security feature.
* Details on the deployment of Smoke Loader malware and its
implications.
* How malicious Go packages and supply chain attacks can
compromise your systems.
* Practical tips to safeguard your data and networks against
these emerging threats.
Stay informed, stay secure—hit that like button, subscribe,
and ring the bell for more cybersecurity insights!
Drop your questions or thoughts in the comments below—we love
hearing from you!
Listen to our podcast on:
Apple Podcasts
Spotify
And wherever you get your podcasts!
Show Notes: https://exploitbrokers.com/podcasts/hn55
📢 Connect with us:
Newsletter: https://follow.exploitbrokers.com
Twitter: @ExploitBrokers
Medium: https://medium.com/@exploitbrokers
TikTok: https://www.tiktok.com/@exploitbrokers
🔗 References & Sources
* Malicious Cached Go Modules:
https://thehackernews.com/2025/02/malicious-go-package-exploits-module.html
* Russian Hackers Exploit 7-Zip:
https://thehackernews.com/2025/02/russian-cybercrime-groups-exploiting-7.html