Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Gamaredon Campaign Abuses LNK Files to Distribute Remcos Backdoor
Malware and Vulnerabilities
April 01, 2025
Cisco Talos
Cisco Talos reported an ongoing campaign targeting Ukrainian users with malicious LNK files, which run a PowerShell downloader, since at least November 2024. The file names use Russian words related to the movement of troops in Ukraine as a lure.
Read More
Gamaredon
Phishing campaign
LNK files
Powershell downloader
DLL Sideloading
Publisher
Previous
Moscow Subway App and Website Disrupted in Possible Ret ...
Breaches and Incidents
Next
Researchers Uncover the Shelby Malware Family Abusing G ...
Malware and Vulnerabilities
/https://cyware-ent.s3.amazonaws.com/public_image/therecord81794732-0eb1-487c-ad51-cb9833ce6097.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_205806613.jpg)
