Hackers Abuse LNK Files, PowerShell, and Python Loader to Deploy NarwhalRAT

The NarwhalRAT malware campaign targets Korean users by utilizing deceptive LNK files, PowerShell, and a Python loader to deploy a sophisticated remote access trojan. This threat employs Living-off-the-Land techniques and a dual command-and-control structure to evade detection while performing espionage activities like keylogging and screen capture.