A shortcut file is used to assemble two .dat files into a piece of malware

Aug 30, 2013 18:56 GMT

Shortcut files are often used by cybercriminals to distribute malware. Symantec experts have recently observed another interesting targeted attack technique that relies on shortcut files.

The attack starts with an email that carries an archive file. This archive contains a folder and a shortcut file that appears to point to another folder.

The real folder contains a couple of hidden .dat files and a Microsoft Office document.

When the shortcut file is launched, the two .dat files are assembled into one malicious file. At this point, the targeted computer becomes infected with malware.

According to researchers, cybercriminals rely on this tactic for a number of reasons. First of all, the malware can avoid being detected.

Furthermore, since there’s no executable file in the archive, the gateway security products many organizations deploy to make sure their employees don’t receive malicious emails might not filter the messages.

Finally, the use of shortcut files makes the whole attack simple and cost-effective because no exploits are required.
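A gateway-side check for the archive layout described above, as an added example that is not from Symantec or the original article. It assumes the attachment is a ZIP file (the article does not name the archive format); the file names, the helper names and the threshold of two .dat files are constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

DOS_HIDDEN = 0x02  # MS-DOS "hidden" attribute bit, kept in the low byte of external_attr

def inspect_archive(data: bytes) -> dict:
    """List shortcuts, .dat members and hidden members of a ZIP attachment."""
    shortcuts, dat_files, hidden = [], [], []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            suffix = PurePosixPath(info.filename).suffix.lower()
            if suffix == ".lnk":
                shortcuts.append(info.filename)
            elif suffix == ".dat":
                dat_files.append(info.filename)
            if info.external_attr & DOS_HIDDEN:
                hidden.append(info.filename)
    # Assumed heuristic: a shortcut shipped with two or more .dat files and
    # no executable, which an extension-based executable filter would pass.
    suspicious = bool(shortcuts) and len(dat_files) >= 2
    return {"shortcuts": shortcuts, "dat_files": dat_files,
            "hidden": hidden, "suspicious": suspicious}

def build_sample(members: dict) -> bytes:
    """Build a constructed in-memory ZIP; members maps name -> hidden flag."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, is_hidden in members.items():
            zi = zipfile.ZipInfo(name)
            zi.create_system = 0  # MS-DOS/Windows origin, so attributes are DOS bits
            zi.external_attr = DOS_HIDDEN if is_hidden else 0
            zf.writestr(zi, b"constructed placeholder content")
    return buf.getvalue()

# Constructed samples: one mirrors the layout in the article, one is benign.
LURE = {"Documents.lnk": False, "Documents/part1.dat": True,
        "Documents/part2.dat": True, "Documents/report.doc": False}
BENIGN = {"notes.txt": False, "data/export.dat": False}

if __name__ == "__main__":
    for label, members in (("lure", LURE), ("benign", BENIGN)):
        print(label, inspect_archive(build_sample(members)))
```
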