WinRAR Zero-Day Exploit Plants Malware During Extraction


BERLIN – Security researchers at the Fraunhofer Institute and an incident-response collective calling itself Grayhand disclosed a WinRAR zero-day on Friday that allows code execution the moment a booby-trapped archive is extracted. The teams, working with Germany’s BSI and two EU bank CERTs, say the exploit has already been used in targeted intrusions against financial trading desks and treasury ops. Indicators point to spear-phished archives posing as settlement packets and audit bundles. WinRAR’s publisher pushed an emergency build overnight and urged “immediate” updating across Windows estates, while gateway vendors rushed mitigations for mail and file scanners that auto-expand attachments for inspection.

The impossible part is where the bug lives: not in a file, but in the ratio. Grayhand’s write-up calls it a “compression grammar fault,” nicknamed ATTIC/GRAMMARJACK, where a crafted sequence of back-references and dictionary resets forces the extractor into a mis-parsed state that jumps into attacker-controlled instruction tables generated by the decompressed pattern itself. In plain English, the code rides inside the timing and repetition of the data—malware as meter. When the archive expands, the parser briefly believes the next token is a handler address. No macro prompts, no hidden executables in the tree; the payload is the rhythm. One analyst described it as “teaching the zipper to hum a tune that opens the door.”
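The "compression grammar fault" above is described only in metaphor, and the page gives no stream details, so nothing here reproduces it. What the description gestures at is a real and well-understood class: LZ-style decoders that trust the distance and length fields of a back-reference. The toy decoder below is an added example, not code from the article, from WinRAR, or from any real archiver; its token format, the declared size, and the sample streams are constructed for this page. It shows the checks a correct extractor must make before following a back-reference: the distance must land inside the history that is still valid after a dictionary reset, the copy length must stay within the size the header declared, and the final output must match that size.

```python
"""Toy LZ77-style decoder with the bounds checks an archive extractor must make.

Added example for illustration; the token format below is constructed for this
page and is not WinRAR's (or any real archiver's) stream format.

Tokens:
  ("lit", b)              emit literal byte b
  ("ref", dist, length)   copy `length` bytes starting `dist` bytes back in the output
  ("reset",)              dictionary reset: output produced before this point may no
                          longer be referenced
"""


class MalformedStream(ValueError):
    """Raised instead of reading outside the history window or past the declared size."""


def decode(tokens, declared_size):
    """Decode `tokens`, refusing any back-reference into bytes that do not exist."""
    out = bytearray()
    window_start = 0  # first output index still referenceable after the last reset
    for i, tok in enumerate(tokens):
        kind = tok[0]
        if kind == "lit":
            if len(out) + 1 > declared_size:
                raise MalformedStream(f"token {i}: output exceeds declared size {declared_size}")
            out.append(tok[1] & 0xFF)
        elif kind == "ref":
            dist, length = tok[1], tok[2]
            history = len(out) - window_start
            # A decoder that skips this test reads before the start of its buffer
            # (or, after a reset, into stale data) at an attacker-chosen offset.
            if not 1 <= dist <= history:
                raise MalformedStream(
                    f"token {i}: distance {dist} but only {history} bytes of history")
            if length < 1 or len(out) + length > declared_size:
                raise MalformedStream(f"token {i}: length {length} overruns declared size")
            start = len(out) - dist
            for k in range(length):  # byte-wise: overlapping copies (dist < length) are legal
                out.append(out[start + k])
        elif kind == "reset":
            window_start = len(out)
        else:
            raise MalformedStream(f"token {i}: unknown token {kind!r}")
    if len(out) != declared_size:
        raise MalformedStream(f"decoded {len(out)} bytes, header declared {declared_size}")
    return bytes(out)


def is_malformed(tokens, declared_size):
    """True if `decode` rejects the stream, False if it decodes cleanly."""
    try:
        decode(tokens, declared_size)
    except MalformedStream:
        return True
    return False


# Constructed streams (declared size 9 for all of them).
GOOD = [("lit", 0x61), ("lit", 0x62), ("lit", 0x63), ("ref", 3, 6)]           # decodes to b"abcabcabc"
BAD_DISTANCE = [("lit", 0x61), ("ref", 5, 4)]                                  # reaches 4 bytes before the buffer
BAD_AFTER_RESET = [("lit", 0x61), ("lit", 0x62), ("reset",), ("ref", 1, 1)]   # references discarded history
BAD_LENGTH = [("lit", 0x61), ("ref", 1, 1000)]                                 # overruns the declared size

if __name__ == "__main__":
    print(decode(GOOD, 9))
    for name, stream in [("BAD_DISTANCE", BAD_DISTANCE),
                         ("BAD_AFTER_RESET", BAD_AFTER_RESET),
                         ("BAD_LENGTH", BAD_LENGTH)]:
        print(name, "rejected" if is_malformed(stream, 9) else "accepted")
```

The point for a scanner or mail gateway that auto-expands attachments is that these checks belong in the decoder, not in a filter on the archive's file listing: every one of the malformed streams above has a perfectly ordinary entry table, and the only place the problem is visible is the token sequence itself.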

The truth bomb is dumber and scarier: half of corporate Europe still treats a 1990s shareware utility as critical infrastructure. A leaked memo from a major clearing bank’s “Records & Receipts” group admits that quarterly archives of SWIFT attestations, HR payroll bundles, and vendor backups are “RAR-standardized for legacy comfort.” Email gateways proudly “flatten” attachments for CDR scanning—by auto-extracting them first—putting the most privileged machines in the blast radius. Procurement never bought proper licenses because WinRAR never really stops working, and the patch cadence for “trialware everyone forgot to pay for” is whatever the help desk feels like. “We designed our controls around files,” a European regulator said in a call Thursday, “and this thing weaponizes the process.”

Defense guidance is already a museum of the absurd. BSI’s temporary advisory recommends air-gap decompression kiosks—a literal cart with a fresh image, a printer, and no NIC—until fleet patching catches up. Two exchanges told members to pause the practice of “pre-unboxing” counterparties’ attachments on secure mail relays. Insurers have begun asking for screenshots of the WinRAR About dialog as part of renewal questionnaires, while red teams report that the same parsing lineage lurks in firmware unpackers for printers, NAS boxes, and security cameras. Banks that run e-discovery or trade-surveillance pipelines on overnight batch shares discovered those jobs were the perfect detonation timers: clean at 5 p.m., compromised by 6 a.m., with forensics blaming the janitor’s vacuum for the network spike.

The patched build closes the specific grammar fault, but samples captured late Friday hint at a nastier evolution: archives that carry negative entries—placeholders that don’t unpack files so much as unpack your machine by coercing the extractor into reading local paths as if they were part of the archive. One lab recovered a bundle that expanded to an empty folder and a perfectly normal checksum, yet the SIEM lit up with outbound traffic as if a ghost directory had been exfiltrated. “Opening the wrong ZIP could open your whole network,” a researcher said, and the line turns out to be literal. If compression is the art of removing what doesn’t matter, attackers have found a way to remove the only thing that did: your permission.
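The "negative entries" the article describes are not specified beyond the sentence above, but an extractor being steered toward local paths that were never in the archive is the familiar shape of path-traversal and symlink abuse in archive handling. The example below is added here and is not code from the article, from WinRAR, or from any archiver; it validates entry names and symlink targets as strings, so it applies to any format, and the destination directory and sample entries are constructed for this page. It rejects absolute paths, Windows drive letters, `..` components that survive normalisation, embedded NUL bytes, and symlinks whose target resolves outside the destination.

```python
"""Entry-name validation for archive extraction.

Added example, not code from any archiver: it checks entry names (and symlink
targets) as strings, so it applies to any format. The destination directory and
the sample entries are constructed for this page.
"""
import posixpath

DEST = "/srv/extract"  # hypothetical extraction root


def safe_target(name, dest=DEST, link_target=None):
    """Return the on-disk path an entry may be written to, or None if it must be rejected."""
    name = name.replace("\\", "/")  # archives written on Windows carry backslashes
    if not name or "\x00" in name:
        return None
    if name.startswith("/") or (len(name) > 1 and name[1] == ":"):
        return None  # absolute POSIX or UNC path, or a Windows drive letter
    norm = posixpath.normpath(name)
    if norm == "." or ".." in norm.split("/"):
        return None  # "../x" and "reports/../../x" both climb out of dest
    target = posixpath.join(dest, norm)
    if posixpath.commonpath([dest, target]) != dest:
        return None
    if link_target is not None:
        lt = link_target.replace("\\", "/")
        if lt.startswith("/"):
            return None  # absolute symlink targets are rejected outright
        resolved = posixpath.normpath(posixpath.join(posixpath.dirname(target), lt))
        if posixpath.commonpath([dest, resolved]) != dest:
            return None  # a link pointing out of dest turns later entries into writes elsewhere
    return target


def check_entries(entries, dest=DEST):
    """Map each (name, link_target) pair to its allowed target path or None."""
    return {name: safe_target(name, dest, link) for name, link in entries}


# Constructed entries: (entry name, symlink target or None for a regular file).
SAMPLE_ENTRIES = [
    ("reports/q3_settlement.csv", None),
    ("reports/./archive//2023.csv", None),
    ("../../etc/cron.d/nightly", None),
    ("reports/../../../root/.ssh/authorized_keys", None),
    ("/etc/passwd", None),
    ("C:\\Windows\\Tasks\\audit.job", None),
    ("reports/current", "q3_settlement.csv"),
    ("shares", "../../srv"),
    ("notes\x00.txt", None),
]

if __name__ == "__main__":
    for name, target in check_entries(SAMPLE_ENTRIES).items():
        print(f"{'OK    ' if target else 'REJECT'} {name!r} -> {target}")
```

Name checks are necessary but not sufficient: an archive can write a legitimate-looking symlink first and a regular file through it second, so the extractor must also refuse to follow symlinks it has already created (open with O_NOFOLLOW or equivalent, and never trust a directory it did not just make). That is the "process, not file" problem the regulator quoted above is complaining about.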
