{"id":33561,"date":"2023-01-23T14:59:20","date_gmt":"2023-01-23T14:59:20","guid":{"rendered":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/23\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\/"},"modified":"2023-01-23T15:00:25","modified_gmt":"2023-01-23T15:00:25","slug":"threat-groups-are-using-windows-lnk-files-to-gain-access-the-register","status":"publish","type":"post","link":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/23\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\/","title":{"rendered":"Threat groups are using Windows LNK files to gain access \u2022 The Register"},"content":{"rendered":"<p> <a href=\"https:\/\/go.fiverr.com\/visit\/?bta=1052423&nci=17043\" Target=\"_Top\"><img loading=\"lazy\" decoding=\"async\" border=\"0\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/fiverr.ck-cdn.com\/tn\/serve\/?cid=40081059\"  width=\"601\" height=\"201\"><\/a>\n<\/p>\n<div id=\"body\">\n<p>Microsoft&#8217;s transfer final 12 months to dam macros by default in Workplace purposes is forcing miscreants to search out different instruments with which to launch cyberattacks, together with the software program vendor&#8217;s LNK information \u2013 the shortcuts Home windows makes use of to level to different information.<\/p>\n<p>&#8220;When Microsoft introduced the modifications to macro habits in Workplace on the finish of 2021, only a few of probably the most prevalent malware households used LNK information as a part of their preliminary an infection chain,&#8221; Guilherme Venere, risk researcher at Talos, <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/blog.talosintelligence.com\/following-the-lnk-metadata-trail\/\">wrote<\/a> in a report dated January 19. &#8220;Normally, LNK information are utilized by worm sort malware like Raspberry Robin with a purpose to unfold to detachable disks or community shares.&#8221;<\/p>\n<p>The information are additionally serving to criminals acquire preliminary entry into victims&#8217; programs earlier than operating such threats because the Qakbot backdoor malware, malware loader <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2022\/04\/29\/bumblee-malware-conti-malware\/\" rel=\"noopener\">Bumblebee<\/a>, and IcedID, a malware dropper, in response to the Talos researchers.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\">\n        <noscript><br \/>\n            <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y86gyPfMfAlIQFE32a3GHAAAAAc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"><br \/>\n                <img decoding=\"async\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y86gyPfMfAlIQFE32a3GHAAAAAc&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt=\"\"\/><br \/>\n            <\/a><br \/>\n        <\/noscript>\n    <\/div>\n<p>The superior persistent risk (APT) group Gamaredon has additionally put LNK information to work, together with a marketing campaign that began in August 2022 in opposition to organizations in Ukraine.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\">\n            <noscript><br \/>\n                <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Y86gyPfMfAlIQFE32a3GHAAAAAc&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"><br \/>\n                    <img decoding=\"async\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Y86gyPfMfAlIQFE32a3GHAAAAAc&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt=\"\"\/><br \/>\n                <\/a><br \/>\n            <\/noscript>\n        <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\">\n                <noscript><br \/>\n                    <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Y86gyPfMfAlIQFE32a3GHAAAAAc&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"><br \/>\n                        <img decoding=\"async\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Y86gyPfMfAlIQFE32a3GHAAAAAc&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt=\"\"\/><br \/>\n                    <\/a><br \/>\n                <\/noscript>\n            <\/div>\n<\/p><\/div>\n<p>The shift to different strategies and instruments within the wake of Microsoft&#8217;s VBA <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2022\/07\/22\/microsoft-windows-vba-macros\/\" rel=\"noopener\">macros move<\/a> was swift. Quickly after the macros had been blocked, Proofpoint researchers <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.proofpoint.com\/us\/blog\/threat-insight\/how-threat-actors-are-adapting-post-macro-world\">noted<\/a> that cybercriminals had been on the lookout for alternate options, together with ISO and RAR attachments, plus LNK information.<\/p>\n<p>In December, Talos researchers <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2022\/12\/21\/microsoft_talos_excel_xll_threats\/\" rel=\"noopener\">said<\/a> that some APT teams and malware households had been shifting to XLL information in Excel.<\/p>\n<div class=\"promo_article\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/regmedia.co.uk\/2022\/07\/22\/shutterstock_crowbar.jpg?x=174&amp;amp;y=115&amp;amp;crop=1\" width=\"174\" height=\"115\" alt=\"Silhouette of someone carrying a crowbar by some windows\"\/><\/p>\n<h2 title=\"Blockade against VBA scripts in downloaded files is back on by default\">Microsoft closes off two avenues of assault: Workplace macros, RDP brute-forcing<\/h2>\n<p><a href=\"https:\/\/www.theregister.com\/2022\/07\/22\/microsoft-windows-vba-macros\/\"><span>READ MORE<\/span><\/a><\/div>\n<p>Risk teams&#8217; potential to adapt is not shocking, in response to Mike Parkin, senior technical engineer at Vulcan Cyber. &#8220;We have seen risk actors evolve quickly in response to modifications of their goal&#8217;s defenses or to modifications in assault floor,&#8221; he informed <i>The Register<\/i>. &#8220;Workplace macros had been a favourite vector, so it was no shock attackers discovered one thing else to make use of within the type of LNK (hyperlink) information.&#8221;<\/p>\n<p>Utilizing malicious LNK file for preliminary entry &#8220;is a intelligent method that is been used for years, together with within the Stuxnet assaults that had been first uncovered in 2010,&#8221; Phil Neray, vp of cyber protection technique at CardinalOps, informed <i>The Register<\/i>. &#8220;It is an efficient method as a result of it exploits a elementary function of Home windows, which is to robotically launch executables utilizing the metadata saved within the LNK file.&#8221;<\/p>\n<p>It was whereas monitoring commodity malware teams that Talos analysts noticed the rising recognition of malicious LNK information as the strategy used for gaining preliminary entry to obtain and govt payloads, Venere wrote.<\/p>\n<p>The very nature of LNK information makes them enticing to miscreants. Specifically, the LNK format shops lots of details about the goal object and concerning the utility habits and metadata of the system wherein the LNK file was created. The metadata itself accommodates different information concerning the goal file&#8217;s attributes.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\">\n            <noscript><br \/>\n                <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Y86gyPfMfAlIQFE32a3GHAAAAAc&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"><br \/>\n                    <img decoding=\"async\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Y86gyPfMfAlIQFE32a3GHAAAAAc&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt=\"\"\/><br \/>\n                <\/a><br \/>\n            <\/noscript>\n        <\/div>\n<p>There are also instruments out there to the general public for parsing and analyzing the LNK construction \u2013 akin to Google&#8217;s free LNK Parser \u2013 that additionally can be utilized by criminals.<\/p>\n<p>As well as, attackers are creating their very own malicious LNK information via publicly out there builder instruments like MLNK Builder, Quantum Builder, and RustLNKBuilder, which assist them evade detection.<\/p>\n<p>&#8220;By rigorously crafting these LNK information, risk actors can get them to bypass among the safeguards in place and have them execute obtain and execute malicious code, amongst different issues,&#8221; Vulcan Cyber&#8217;s Parkin mentioned. &#8220;Attackers&#8217; fast change of strategy from macros to LNK information factors out that we&#8217;re coping with adversaries who may be fairly inventive find new methods to abuse present performance.&#8221;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\">\n            <noscript><br \/>\n                <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Y86gyPfMfAlIQFE32a3GHAAAAAc&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"><br \/>\n                    <img decoding=\"async\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Y86gyPfMfAlIQFE32a3GHAAAAAc&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt=\"\"\/><br \/>\n                <\/a><br \/>\n            <\/noscript>\n        <\/div>\n<p>Most of the instruments utilized by the criminals depart data within the metadata that may assist risk researchers hyperlink them to the malicious teams, Talos&#8217; Venere wrote, including that the Talos researchers noticed most of the builders wiped off the metadata from the file, a sign of suspicious habits.<\/p>\n<p>That mentioned, Talos used the metadata in samples to determine most of the risk teams utilizing malicious LNK information and to detect relationships \u2013 together with Bumblebee&#8217;s connection to each Qakbot and IcedID \u2013 via such tells as use of the identical Drive Serial Quantity and hashes by the completely different teams.<\/p>\n<p>&#8220;By analyzing and monitoring data leaked via metadata, and correlating this data with different actors&#8217; techniques, strategies and procedures, defenders can develop higher detections and even predict future habits, to arrange for an assault,&#8221; he wrote. \u00ae<\/p>\n<p>\u00a0<\/p>\n<\/p><\/div>\n<iframe data-lazy=\"true\" data-src=\"https:\/\/www.fiverr.com\/gig_widgets?id=U2FsdGVkX18x7XQvttUTrv1oEqmGNGTgvvCUiUoJ\/AP4z\/UyMz8lXGOLpu15jIMxBbTR0gmD5uBoFvhC4KWeALQRp3h\/X\/AwcVD0K8Wj9H\/ZzYKzcCNHosB9oS4SCJJFWiN85P9ICAc4OgCoE\/wHKIY7CDkf2\/DQ1vqGvk4smVe5cRDEmrLPCWi4FC8p40VUhSmWQ5udCm0zoJtorgWv3vbDQw0kKYkwn39ozAnQXDe+YvWMxkLFWA+O3TFwkJvdkIK+\/AUSnRssPKt5WHY0FhNOxnSPcLslEL4G4\/RfP95ve99U+kRnDy3X+KtzdQLY+u935ghON\/o3UE4IMv9oN6JX9RnxzL\/LRcOgnHigxStSGPKsZYtnz8RWNVT\/rOLAibqiWJadC5MYHRbekF3eg6FOGrQGkXYbsn0+a5aovnlLCbLwIqY9fcS17UX8J235iQ6cdmHNbrPeS84CMm34RA==&affiliate_id=1052423&strip_google_tagmanager=true\" loading=\"lazy\" data-with-title=\"true\" class=\"fiverr_nga_frame\" frameborder=\"0\" height=\"350\" width=\"100%\" referrerpolicy=\"no-referrer-when-downgrade\" data-mode=\"random_gigs\" onload=\" var frame = this; var script = document.createElement('script'); script.addEventListener('load', function() { window.FW_SDK.register(frame); }); script.setAttribute('src', 'https:\/\/www.fiverr.com\/gig_widgets\/sdk'); document.body.appendChild(script); \" ><\/iframe>\n<br \/><a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2023\/01\/23\/threat_groups_malicious_lnk\/\">Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft&#8217;s transfer final 12 months to dam macros by default in Workplace purposes is forcing miscreants to search out different instruments with which to launch&#8230;<\/p>\n","protected":false},"author":1,"featured_media":31228,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-33561","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tech-universe"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Threat groups are using Windows LNK files to gain access \u2022 The Register - mailinvest.blog<\/title>\n<meta name=\"description\" content=\"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what&#039;s new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/mailinvest.blog\/index.php\/2023\/01\/23\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Threat groups are using Windows LNK files to gain access \u2022 The Register - mailinvest.blog\" \/>\n<meta property=\"og:description\" content=\"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what&#039;s new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/mailinvest.blog\/index.php\/2023\/01\/23\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\/\" \/>\n<meta property=\"og:site_name\" content=\"mailinvest.blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/freelanceracademic\/\" \/>\n<meta property=\"article:published_time\" content=\"2023-01-23T14:59:20+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-01-23T15:00:25+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/mailinvest.blog\/wp-content\/uploads\/2023\/01\/microsoft.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"627\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"admin@mailinvest.blog\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin@mailinvest.blog\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/23\\\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/23\\\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\\\/\"},\"author\":{\"name\":\"admin@mailinvest.blog\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#\\\/schema\\\/person\\\/012701c4c204d4e4ebd34f926cfd31a4\"},\"headline\":\"Threat groups are using Windows LNK files to gain access \u2022 The Register\",\"datePublished\":\"2023-01-23T14:59:20+00:00\",\"dateModified\":\"2023-01-23T15:00:25+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/23\\\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\\\/\"},\"wordCount\":771,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/23\\\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/microsoft.jpg\",\"articleSection\":[\"Tech Universe\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/23\\\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/23\\\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\\\/\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/23\\\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\\\/\",\"name\":\"Threat groups are using Windows LNK files to gain access \u2022 The Register - mailinvest.blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/23\\\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/23\\\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/microsoft.jpg\",\"datePublished\":\"2023-01-23T14:59:20+00:00\",\"dateModified\":\"2023-01-23T15:00:25+00:00\",\"description\":\"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what's new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/23\\\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/23\\\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/23\\\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\\\/#primaryimage\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/microsoft.jpg\",\"contentUrl\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/microsoft.jpg\",\"width\":1200,\"height\":627},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2023\\\/01\\\/23\\\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/mailinvest.blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Threat groups are using Windows LNK files to gain access \u2022 The Register\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#website\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/\",\"name\":\"mailinvest.blog\",\"description\":\"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis. mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what&#039;s new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.\",\"publisher\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/mailinvest.blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#organization\",\"name\":\"mailinvest\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/default.png\",\"contentUrl\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/default.png\",\"width\":1000,\"height\":1000,\"caption\":\"mailinvest\"},\"image\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/freelanceracademic\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#\\\/schema\\\/person\\\/012701c4c204d4e4ebd34f926cfd31a4\",\"name\":\"admin@mailinvest.blog\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g\",\"caption\":\"admin@mailinvest.blog\"},\"sameAs\":[\"https:\\\/\\\/mailinvest.blog\",\"admin@mailinvest.blog\"],\"url\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/author\\\/adminmailinvest-blog\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Threat groups are using Windows LNK files to gain access \u2022 The Register - mailinvest.blog","description":"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what's new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/23\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\/","og_locale":"en_US","og_type":"article","og_title":"Threat groups are using Windows LNK files to gain access \u2022 The Register - mailinvest.blog","og_description":"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what's new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.","og_url":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/23\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\/","og_site_name":"mailinvest.blog","article_publisher":"https:\/\/www.facebook.com\/freelanceracademic\/","article_published_time":"2023-01-23T14:59:20+00:00","article_modified_time":"2023-01-23T15:00:25+00:00","og_image":[{"width":1200,"height":627,"url":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2023\/01\/microsoft.jpg","type":"image\/jpeg"}],"author":"admin@mailinvest.blog","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin@mailinvest.blog","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/23\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\/#article","isPartOf":{"@id":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/23\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\/"},"author":{"name":"admin@mailinvest.blog","@id":"https:\/\/mailinvest.blog\/#\/schema\/person\/012701c4c204d4e4ebd34f926cfd31a4"},"headline":"Threat groups are using Windows LNK files to gain access \u2022 The Register","datePublished":"2023-01-23T14:59:20+00:00","dateModified":"2023-01-23T15:00:25+00:00","mainEntityOfPage":{"@id":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/23\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\/"},"wordCount":771,"commentCount":0,"publisher":{"@id":"https:\/\/mailinvest.blog\/#organization"},"image":{"@id":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/23\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\/#primaryimage"},"thumbnailUrl":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2023\/01\/microsoft.jpg","articleSection":["Tech Universe"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/mailinvest.blog\/index.php\/2023\/01\/23\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/23\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\/","url":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/23\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\/","name":"Threat groups are using Windows LNK files to gain access \u2022 The Register - mailinvest.blog","isPartOf":{"@id":"https:\/\/mailinvest.blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/23\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\/#primaryimage"},"image":{"@id":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/23\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\/#primaryimage"},"thumbnailUrl":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2023\/01\/microsoft.jpg","datePublished":"2023-01-23T14:59:20+00:00","dateModified":"2023-01-23T15:00:25+00:00","description":"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what's new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.","breadcrumb":{"@id":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/23\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/mailinvest.blog\/index.php\/2023\/01\/23\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/23\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\/#primaryimage","url":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2023\/01\/microsoft.jpg","contentUrl":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2023\/01\/microsoft.jpg","width":1200,"height":627},{"@type":"BreadcrumbList","@id":"https:\/\/mailinvest.blog\/index.php\/2023\/01\/23\/threat-groups-are-using-windows-lnk-files-to-gain-access-the-register\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/mailinvest.blog\/"},{"@type":"ListItem","position":2,"name":"Threat groups are using Windows LNK files to gain access \u2022 The Register"}]},{"@type":"WebSite","@id":"https:\/\/mailinvest.blog\/#website","url":"https:\/\/mailinvest.blog\/","name":"mailinvest.blog","description":"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis. mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what&#039;s new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.","publisher":{"@id":"https:\/\/mailinvest.blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/mailinvest.blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/mailinvest.blog\/#organization","name":"mailinvest","url":"https:\/\/mailinvest.blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mailinvest.blog\/#\/schema\/logo\/image\/","url":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2022\/01\/default.png","contentUrl":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2022\/01\/default.png","width":1000,"height":1000,"caption":"mailinvest"},"image":{"@id":"https:\/\/mailinvest.blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/freelanceracademic\/"]},{"@type":"Person","@id":"https:\/\/mailinvest.blog\/#\/schema\/person\/012701c4c204d4e4ebd34f926cfd31a4","name":"admin@mailinvest.blog","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g","caption":"admin@mailinvest.blog"},"sameAs":["https:\/\/mailinvest.blog","admin@mailinvest.blog"],"url":"https:\/\/mailinvest.blog\/index.php\/author\/adminmailinvest-blog\/"}]}},"_links":{"self":[{"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/posts\/33561","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/comments?post=33561"}],"version-history":[{"count":1,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/posts\/33561\/revisions"}],"predecessor-version":[{"id":33562,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/posts\/33561\/revisions\/33562"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/media\/31228"}],"wp:attachment":[{"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/media?parent=33561"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/categories?post=33561"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/tags?post=33561"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}