Bleeping Computer

Emotet malware now installs via PowerShell in Windows shortcut files

The Emotet botnet is now using Windows shortcut files (.LNK) containing PowerShell commands to infect victims computers, moving away from Microsoft Office macros that are now disabled by default. The ...
Computerworld

Windows shortcut files targeted by ransomware gang Global Group

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in exploits, defenders might have hoped use of this tactic would decline. They were ...
Infosecurity-magazine.com

Cyber-criminals Shift From Macros to Shortcut Files to Hack Business PCs, HP Reports

Cyber-criminals spreading malware families are shifting to shortcut (LNK) files to deliver malware, HP Wolf Security’s latest report suggests. According to the new research, shortcuts are gradually ...
Dark Reading

North Korean APT Gets Around Macro-Blocking With LNK Switch-Up

North Korea's APT37 threat group is providing fresh evidence of how adversaries have pivoted to using LNK, or shortcut files, to distribute malicious payloads after Microsoft began blocking macros by ...
CSOonline

Windows shortcut weaponized in Phorpiex-linked ransomware campaign

Researchers revealed a Phorpiex-distributed phishing campaign using malicious LNK files to deploy Global Group ransomware designed to operate entirely offline. Forcepoint X-Labs researchers have ...