Tag: dropbox-c2
All the articles with the tag "dropbox-c2".
- Kimsuky Deploys Malicious LNK Files to Implant Python-Based Backdoor in Multi-Stage Attack
Detailed technical analysis of Kimsuky's latest campaign using disguised LNK files that deploy a sophisticated multi-stage attack chain (LNK → XML → VBS → PS1 → BAT) leading to a Python backdoor (beauty.py). Covers persistence via scheduled tasks, data exfiltration through Dropbox, custom C2 protocol, and command set.