Summary: A significant vulnerability affecting Microsoft Windows shortcuts, exploited by numerous state-sponsored and criminal groups since 2017, has come under scrutiny. Despite identification by researchers at the Zero Day Initiative, Microsoft has classified the vulnerability as low severity and is not prioritizing a patch. The exploitation primarily targets espionage and data theft, impacting various organizations globally, particularly in the U.S.
Affected: Microsoft Windows
Keypoints :
- Nearly a dozen nation-state groups from North Korea, Iran, Russia, and China are exploiting a Windows shortcut vulnerability.
- Manipulated .lnk files are disguised to mislead users into executing malicious content, often through spoofed file extensions.
- Over 300 identified victims primarily in the U.S. with a focus on data theft and espionage rather than financial gain.
Source: https://therecord.media/windows-lnk-files-nation-state-hacking-campaigns