Wu said that the chief information security officer of Slow Mist, 23pds, tweeted that the North Korean-linked hacker group APT37 is hiding malware in JPEG image files to launch attacks. The malware uses a two-phase encrypted shellcode injection method to hinder analysis. The attackers utilize shortcut files with a .lnk extension to embed Cmd or PowerShell commands within to carry out the attacks.
Disclaimer: Includes third-party opinions. No financial advice. May include sponsored content.See T&Cs.
