Attack Chain Uses LNK Files, MSHTA and Memory Injection. PowerShell is becoming hackers’ new favorite tool since they can load code directly into computer memory and evade traditional file-based detection methods, warn security researchers. A combination of LNK-MSHTA-PowerShell offers a stealthy and effective path to execution.
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/fileless-powershell-loader-deploys-remcos-rat-a-28420
