New Wave of Attacks Uses PowerShell and LNK Files to Secretly Install Remcos RAT

A new wave of attacks is utilizing PowerShell and LNK files to secretly install the Remcos RAT, enabling complete remote control. This fileless attack method allows for evasion of traditional antivirus software detection. Attackers are exploiting PowerShell scripts to execute malware directly in memory, making detection and analysis more challenging. LNK files are used to initiate the execution of malicious scripts. This technique has been observed in recent campaigns, highlighting the evolution of cybercriminals' tactics to bypass security measures.