Kimsuky Deploys Malicious LNK Files to Implant Python-Based Backdoor in Multi-Stage Attack
Excalibra
Notable Changes Observed in Malicious LNK Files Distributed by Kimsuky Group

Article Summary: The North Korean Kimsuky hacker group recently used malicious LNK files disguised as HWP documents to launch multi-stage attacks. They extended the attack chain by adding intermediate stages such as XML, VBS, and PS1 files to evade detection. The attack creates hidden folders, registers scheduled tasks for persistence, and finally deploys a Python backdoor that supports remote command execution, file th
