New 'Quantum' Builder Lets Attackers Easily Create Malicious Windows Shortcuts
Jun 24, 2022
A new malware tool that enables cybercriminal actors to build malicious Windows shortcut ( .LNK ) files has been spotted for sale on cybercrime forums. Dubbed Quantum Lnk Builder , the software makes it possible to spoof any extension and choose from over 300 icons, not to mention support UAC and Windows SmartScreen bypass as well as "multiple payloads per .LNK" file. Also offered are capabilities to generate .HTA and disk image (.ISO) payloads. Quantum Builder is available for lease at different price points: €189 a month, €355 for two months, €899 for six months, or as a one-off lifetime purchase for €1,500. ".LNK files are shortcut files that reference other files, folders, or applications to open them," Cyble researchers said in a report. "The [threat actor] leverages the .LNK files and drops malicious payloads using LOLBins [living-off-the-land binaries]." Early evidence of malware samples using Quantum Builder in the wild is said to da
