Malicious ZIP Files Use Windows Shortcuts to Drop Malware

Cybersecurity firm Blackpoint Cyber reveals a new spear phishing campaign targeting executives. Learn how attackers use fraudulent document ZIPs containing malicious shortcut files, leveraging ‘living off the land’ tactics, and a unique Anti-Virus check to deliver a custom payload

A new wave of phishing attacks has been detected by the cybersecurity research firm, Blackpoint Cyber, that is exploiting users’ trust in sensitive documents. This research, shared with Hackread.com, reveals a campaign that uses identity-themed phishing archives.

These include fake certified documents, passport scans, and payment files, to deliver malicious code. By leveraging familiar file themes, the attackers increase their chances of success and gain initial access to victims’ systems.

In one case examined for this research, a custom-designed spear phishing message was delivered as a ZIP archive, specifically targeting a senior employee or manager with files mimicking routine executive workflows, including identity verification and payment approvals.

How a simple ...