2 matches found
New Attack Uses Windows Shortcut Files to Install REMCOS Backdoor
Security firm Point Wild has exposed a new malware campaign using malicious LNK files to install the REMCOS backdoor. This report details how attackers disguise files to gain full system control...
Gamaredon campaign abuses LNK files to distribute Remcos backdoor
Cisco Talos is actively tracking an ongoing campaign targeting users in Ukraine with malicious LNK files, which run a PowerShell downloader, since at least November 2024. The file names use Russian words related to the movement of troops in Ukraine as a lure. The PowerShell downloader contacts...