Windows Shortcut Flaw underpins power plant Trojan

Hackers have developed malware that spreads via USB sticks using a previously unknown security weakness involving Windows' handling of shortcut files.

Malware targeting the security weakness in the handling of 'lnk shortcut files has been spotted in the wild by Belarus-based security firm VirusBlokAda. The malware uses rootkit-style functionality to mask its presence on infected systems. These rootlet drivers come digitally signed by legitimate software developer Realtek Semiconductor, a further mark of the sophistication of the attack.

In an advisory, VirusBlokAda says it has seen numerous incidents of the Trojan spy payloads dropped by the malware since adding detection for the malign code last month.

Even fully patched Windows 7 systems are vulnerable to attack in cases where a user views files on an infected USB drive using Windows Explorer, security blogger Brian Krebs reports. Instead of using Windows Autoplay the spread the malware takes advantage in security weaknesses involving shortcut files. Malicious shortcuts on the USB are reportedly capable of auto-executing if users open an infected storage device on Windows Explorer. Normally users would have to click on the link for anything to happen.

Read more -here-

• Google, Meta, Apple receive FCC approval to tap into airwaves for VR and AR
• State-sponsored hackers are leveraging WinRAR bug
• Amazon launches drug delivery by drone
• Unpatched Zero-Day being exploited in the wild, Cisco warns
• Apple plans to update iPhones in-store without opening the boxes
• Microsoft just bought Activision Blizzard for $69 billion