Cybersecurity experts have discovered a new type of malicious software, known as a "dropper," that targets Windows systems by secretly installing harmful programs. This dropper works by executing a hidden script called PEAKLIGHT, which then downloads additional malware designed to steal personal information or control the infected computer.
The attack begins when users download a Windows shortcut (LNK) file disguised as a pirated movie from the internet. Once opened, the file triggers a process that connects to a remote server, launching the PEAKLIGHT script and delivering malware like Lumma Stealer and CryptBot. These malicious programs are often sold as part of a service, making them more accessible to cybercriminals.
To further disguise the attack, the dropper may download a legitimate movie trailer, tricking users into believing nothing is wrong. Researchers also found that the dropper uses various encoding techniques to hide its malicious activities, making it harder to detect.
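A defender-side triage check for the shortcut lure described above, as an added example (not code from the researchers' report): it flags files in a download folder whose content is a Windows Shell Link but whose name presents as a video. The media-extension list, the function names and the sample files are assumptions constructed for illustration.

```python
import os
import struct
import tempfile

# Shell Link (LNK) header: HeaderSize 0x0000004C followed by the LinkCLSID bytes.
LNK_MAGIC = struct.pack("<I", 0x4C) + bytes.fromhex("0114020000000000c000000000000046")
# Assumption: extensions a "movie" lure would plausibly display to the user.
MEDIA_EXTS = (".mp4", ".mkv", ".avi", ".mov", ".wmv")

def is_shell_link(path):
    """True when the file content starts with the Shell Link header."""
    try:
        with open(path, "rb") as fh:
            return fh.read(len(LNK_MAGIC)) == LNK_MAGIC
    except OSError:
        return False  # unreadable files are skipped, not flagged

def classify(path):
    """Judge by content first, then compare against what the name claims."""
    if not is_shell_link(path):
        return "ok"
    stem, ext = os.path.splitext(os.path.basename(path).lower())
    if ext != ".lnk":
        return "suspicious: shortcut content under a non-.lnk extension"
    if stem.endswith(MEDIA_EXTS):
        # Explorer hides the .lnk suffix, so the user sees only the media name.
        return "suspicious: shortcut with a media-style double extension"
    return "shortcut"

def scan(directory):
    """Map relative path -> verdict for every suspicious file under directory."""
    findings = {}
    for root, _dirs, files in os.walk(directory):
        for name in files:
            path = os.path.join(root, name)
            verdict = classify(path)
            if verdict.startswith("suspicious"):
                findings[os.path.relpath(path, directory)] = verdict
    return findings

def build_demo(directory):
    """Write constructed sample files (header bytes plus padding, not real shortcuts)."""
    samples = {"Film.2024.1080p.mp4.lnk": LNK_MAGIC, "Film.2024.1080p.mp4": LNK_MAGIC,
               "trailer.mp4": b"\x00\x00\x00\x18ftypmp42", "Notepad.lnk": LNK_MAGIC}
    for name, head in samples.items():
        with open(os.path.join(directory, name), "wb") as fh:
            fh.write(head + b"\x00" * 56)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as demo:
        build_demo(demo)
        for rel, verdict in sorted(scan(demo).items()):
            print(f"{rel}: {verdict}")
```

A hit only means the file is a shortcut presented as a video; what the shortcut would launch still has to be examined separately.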