Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels

byITZ PASINDU -March 30, 2026

Cybersecurity researchers have discovered a remote access toolkit of Russian-origin that's distributed via malicious Windows shortcut (LNK) files that are disguised as private key folders. The CTRL toolkit, according to Censys, is custom-built using .NET and includes various executables" to facilitate credential phishing, keylogging, Remote Desktop Protocol (RDP) hijacking, and reverse tunneling

from The Hacker News https://ift.tt/YTlCsAp

Tags: The Hacker News IFTTT

Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels

Pentesters: Is AI Coming for Your Role?

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

China-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom Networks

⚡ Weekly Recap: Zero-Day Exploits, Developer Malware, IoT Botnets, and AI-Powered Scams

Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels

You might like