A critical security flaw in Microsoft Windows, tracked as ZDI-CAN-25373, has been leveraged by 11 state-sponsored groups since 2017 for purposes including data theft and espionage. Attackers use crafted Windows Shortcut (.LNK) files to execute hidden commands, which complicates detection. The vulnerability has affected key sectors in multiple countries, with telemetry showing significant targeting of organizations. Nearly 1,000 malicious .LNK files have been discovered, revealing collaboration among various threat actors, particularly those from North Korea. The flaw poses serious security risks across different industries.
An unpatched security flaw in Microsoft Windows is being exploited by state-sponsored groups from various countries for extensive data theft and espionage.
The vulnerability, ZDI-CAN-25373, allows attackers to execute hidden commands on victims' machines, complicating detection and posing significant risks to organizations.
Nearly 1,000 crafted .LNK file artifacts exploiting this flaw have been discovered, with ties to several notorious cybercrime groups and extensive targeting of various sectors.
The attacks reveal the global nature of cybersecurity threats, demonstrating cross-collaboration among threat actors, particularly those linked to North Korea, for espionage and financial gains.