all InfoSec news
LNK File Disguised as Certificate Distributing RokRAT Malware
Malware Analysis, News and Indicators - Latest topics malware.news
AhnLab SEcurity intelligence Center (ASEC) has confirmed the continuous distribution of shortcut files (*.LNK) of abnormal sizes that disseminate backdoor-type malware. The recently confirmed shortcut files (*.LNK) are found to be targeting South Korean users, particularly those related to North Korea. The confirmed LNK file names are as follows:
- National Information Academy 8th Integrated Course Certificate (Final).lnk
- Gate access roster 2024.lnk
- Northeast Project (US Congressional Research Service (CRS Report).lnk
- Facility list.lnk
Figure 1. Confirmed properties of the LNK files
The …
abnormal academy ahnlab asec backdoor center certificate continuous disguised distribution file files found information intelligence korea lnk lnk file malware malware analysis names national north north korea rokrat rokrat malware security security intelligence shortcut south targeting