Earlier this week we got a warning about malware that was spreading via USB keys. Now it seems that shortcut files are also at risk. The McAfee Avert Labs Blog has some useful information as to what can go wrong with shortcuts or .lnk files.

To be honest this was something of a revelation to me because I had always though these files were simple text. That doesn’t make them any less dangerous but at least it is easier to spot what’s going on inside.

Because I’m of a curious frame of mind, I decided to take a look inside a link file for myself. You can see the results to the right courtesy of Hex Editor from Sourceforge.net (I’ve cropped out a lot of the text to the left).

Lo and behold there are some meaningful references to the software – Scribus in this case because the shortcut was on my desktop.

Of course a malicious shortcut might not be so clear and some will use commands on the command prompt to carry out their nefarious deeds.

The good news is that you don’t need to check every shortcut file with a Hex editor. Right-click on the shortcut and then left-click on Properties. Click on the Shortcut tab and check the Target box to see what the shortcut will actually do. Don’t rely on the icon, that’s easy to change and doesn’t mean anything. Does anyone remember that old urban myth about the file with a teddy bear icon being a virus. It wasn’t, but possible it was a bad choice of icon.