Kimsuky is using multi-stage malicious LNK files to deploy a Python-based backdoor, adding new intermediate scripts while keeping the final payload logic largely unchanged. The campaign abuses Windows Task Scheduler, Dropbox, and bundled Python runtimes to evade detection and maintain persistence on infected systems. The ZIP contained a Python script (can.py), a standalone Python interpreter, […]

The post Kimsuky Uses Malicious LNK Files to Drop Python Backdoor appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/kimsuky-uses-lnk-files/