THREATNOIR
Subscribe
Back to Feed
MalwareMar 27, 2026

Just seen @censysio published this article today: https://t.co/ejit3Pfxbk In the Introduction, "L...

Censys publishes research on LNK file malware disguised as private key folders using domain hui228[.]ru.

Read at source

Summary

Censys has published research detailing a malware campaign using LNK (shortcut) files disguised as private key folders to deceive users. The attack leverages the domain hui228[.]ru as part of its infrastructure. The campaign appears to have been active for at least a month based on related Twitter discussions.

Indicators of Compromise

  • domain — hui228[.]ru
  • malware — LNK file malware (disguised as private key folders)