Hackers Weaponizing LNK Files To Create Scheduled Task And Deliver Malware Payload

TA397, also known as Bitter, targeted a Turkish defense organization with a spearphishing email containing a RAR archive, which included a decoy PDF, a malicious LNK file disguised as a PDF, and an ADS file with PowerShell code.  This technique, common for TA397, leverages NTFS ADS to establish persistence and deploy further malware like wmRAT […]

The post Hackers Weaponizing LNK Files To Create Scheduled Task And Deliver Malware Payload appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Read the original article: