LNK Weaponization

Deceptive attack vector using Windows LNK files masquerading as legitimate PDF documents to deliver multi-stage malware payloads through archive-based delivery mechanisms

1 intelligence brief← Intelligence Hub

Transparent Tribe APT36: Weaponized Shortcuts and Adaptive Persistence Target Indian Government Entities

Transparent Tribe (APT36) launches a sophisticated multi-stage malware campaign using weaponized Windows shortcut files embedded with PDF content, targeting Indian government and academic institutions. The RAT adapts its persistence mechanisms based on installed antivirus products, enabling long-term covert access and intelligence collection.

Peter Chofield

Jan 4, 2026

5–7 minutes

LNK Weaponization

Transparent Tribe APT36: Weaponized Shortcuts and Adaptive Persistence Target Indian Government Entities