"Cybercriminals Shift From Macros to Shortcut Files to Hack Business PCs, HP Report"
Security researchers at HP Wolf Security have found that cybercriminals are shifting to shortcut (LNK) files to deliver malware. According to the researchers, shortcuts are gradually replacing Office macros, which Microsoft is starting to block by default, as a way for attackers to gain a foothold in networks by tricking users into infecting their PCs. They noted an 11% rise in archive files containing malware, including LNK files. The data also suggests that 69% of malware detected was delivered via email, while web downloads were responsible for 17%. Attackers often placed shortcut files in ZIP email attachments to help them evade email scanners, and the researchers spotted LNK malware builders available for purchase on hacker forums. They stated that opening a shortcut or HTML file may seem harmless to an employee but can result in a major risk to the enterprise, and that organizations must take steps now to protect against techniques increasingly favored by attackers. They recommend that companies block shortcut files received as email attachments or downloaded from the web whenever possible.
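The recommended block can be enforced at a mail gateway by looking inside ZIP attachments instead of trusting the outer file name. The sketch below is an added example, not code from HP's report: it flags shortcut files by extension or by the LNK header bytes defined in MS-SHLLINK, follows nested ZIPs, and runs on a constructed sample message. The function names and the size and depth limits are assumptions.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# MS-SHLLINK header: HeaderSize 0x4C followed by the 16-byte LinkCLSID.
LNK_MAGIC = bytes.fromhex("4c0000000114020000000000c000000000000046")
MAX_MEMBER, MAX_DEPTH = 20 * 1024 * 1024, 3  # assumed limits against oversized or deeply nested archives

def is_lnk(name, head):
    """True if the name ends in .lnk or the content starts with the LNK header."""
    return name.lower().endswith(".lnk") or head.startswith(LNK_MAGIC)

def scan(name, data, depth=0):
    """Return paths of shortcut files found in `data`, descending into ZIPs."""
    if is_lnk(name, data[:20]):
        return [name]
    if depth >= MAX_DEPTH or data[:4] != b"PK\x03\x04":
        return []
    hits = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return hits
    for info in zf.infolist():
        try:
            body = zf.read(info) if info.file_size <= MAX_MEMBER else b""
        except (RuntimeError, NotImplementedError, zipfile.BadZipFile):
            body = b""  # encrypted or unreadable member: only its name is checked
        hits += scan(f"{name}!{info.filename}", body, depth + 1)
    return hits

def lnk_attachments(raw_email):
    """Return every attachment or archive member in a raw message that is a shortcut file."""
    msg = message_from_bytes(raw_email, policy=policy.default)
    return [h for p in msg.iter_attachments()
            for h in scan(p.get_filename() or "(unnamed)", p.get_payload(decode=True) or b"")]

def build_sample():
    """Constructed message: a ZIP with a double-extension .lnk and a nested ZIP hiding a renamed LNK."""
    inner, outer = io.BytesIO(), io.BytesIO()
    with zipfile.ZipFile(inner, "w") as zf:
        zf.writestr("scan.dat", LNK_MAGIC + b"\x00" * 56)  # header bytes only, no link target
    with zipfile.ZipFile(outer, "w") as zf:
        zf.writestr("invoice.pdf.lnk", b"constructed")
        zf.writestr("inner.zip", inner.getvalue())
    msg = EmailMessage()
    msg.set_content("constructed sample")
    msg.add_attachment(outer.getvalue(), maintype="application", subtype="zip", filename="docs.zip")
    return msg.as_bytes()
```

For password-protected ZIPs the member names remain readable but the contents do not, so a renamed shortcut inside an encrypted archive is only caught if it keeps its `.lnk` extension.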