Week 10: Spear Finishing in Turkey with LNK Files
Phishing has taken on a new dimension in the last few years: using LNK files (Microsoft specific files that can provide a shortcut from one file to another). The purpose of these files is specifically to open PowerShell and run a command to download more malware from an online server. The group Patchwork has been associated with the recent LNK spear phishing attacks against defense contractors in Turkey specifically. Since 2009 the malware group has been suspected of associating with the State of India making them a formattable threat. References: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/rise-of-lnk-shortcut-files-malware/ https://www.mcafee.com/blogs/other-blogs/mcafee-labs/rise-of-lnk-shortcut-files-malware/