.LNK is an acronym for “LINK,” because these files point to another file, folder, or application, which is known as the “target.” In this post, we are going to discuss in detail what a .LNK file is, how you can check if it’s an LNK file, what information it holds, and whether the .LNK file you are concerned about is a genuine Windows file or a malware.
What is .LNK File?
An LNK file is a Windows system file and a shortcut file. LNK files redirect and point to another file, folder, or application. These files contain information about the target object, such as its metadata, location (path), and file size of the target item. You can view this information from their properties window.
What is .LNK File? How to Open LNK Files How to Create a .LNK File Are .LNK Files Safe Security Advisory Closing Thoughts
LNK files normally have the same icon as the target object, except for the tiny arrow in the bottom-left corner which specifies that it is a shortcut file. A .LNK file is in a shell binary format. This means that it is stored in the form of ones and zeros. This format makes the LNK files ideal for hackers to infiltrate target systems. We have also discussed this further in this post. In Windows 10 and 11, LNK files can be usually seen on your desktop. Their original location is usually at the following path: Now that you know what a .LNK file is., let’s see how you can open them.
How to Open LNK Files
On a Windows PC, you can easily open and run a .LNK file like any regular app or folder. Simply double-click on it to run it, and it will launch the target object. You can also view the .LNK file’s properties by right-clicking on it, and then clicking Properties from the context menu. If you switch to the General tab in the Properties window, you can confirm that it is a .LNK file. If you wish to open the target file instead of the shortcut, you can find its complete path in the “Target” field in the Shortcut tab. You can then paste this path into File Explorer to open the target folder. Alternatively, you can also click Open file location directory from the LNK file’s context menu to open the target folder.
How to Create a .LNK File
.LNK files are shortcut files. You can only create them on a Windows computer by creating a shortcut. To create a shortcut file, right-click on a file, folder, or app, and then click Create a shortcut from the context menu. This will now create a shortcut for the selected object, which will be a .LNK file. You can even create shortcuts of shortcuts, but its associated target item would be the original target and not the first shortcut.
Are .LNK Files Safe
Even though .LNK files are Windows system files, not all of them can be assumed safe for your PC. Over the last few years, there have been increasing reports of cyber attacks and malware injection using .LNK files. Hackers share compressed or archived files with end users that look harmless. But opening those files instantly injected their PCs with malware using .LNK files which created backdoors for the attackers. Since .LNK files offer a convenient method of opening another file, attackers can use them to run script-based malware using Windows PowerShell. PowerShell can run in the background without the user knowing about it, making it a perfect opportunity to run scripts. That said, not all LNK files are threats. As we previously mentioned, on a Windows PC, LNK files are shortcut files that help in opening another file, folder, or app located elsewhere. So how do we know whether the .LNK file is legitimate or a trojan horse? One way is to inspect the target object. If the target object is a legitimate Windows file, folder, or application, then the associated LNK file is harmless. You can check the target app through the LNK file’s properties. Remember to also check whether the target object is within the directory it is supposed to be. If you find some unusual entries in the target location inside the LNK file’s properties, then it is likely a virus. Here’s an example: This LNK shortcut is running a code instead of opening a legitimate target object. At times, there is no way to tell if a .LNK file is legitimate or a virus. This is because the “Target” field has a limit of only 260 characters. This makes the target object look legitimate, but has a string of whitespace after the target area visible to you. In the image above, you can only see the legitimate part of the target object. However, the true target object is so long that it cannot be seen. The attacker pads several spaces or newline characters before the malicious argument making it invisible to the naked eye. The only way to tell if this .LNK file is legitimate is by using parsers and other security tools.
Security Advisory
Eben though attackers first began exploiting LNK files years ago, the attacks are still happening today, as it is the best method to take advantage of an innocent-looking .LNK file. Since it can be complicated for a regular Windows user to differentiate between a malicious and a legitimate .LNK file, here are a few things we suggest you should do to keep yourself protected:
Perform regular malware scans. Upgrade your PowerShell to the latest available version as updates include security patches. Never click on executable files received online from unknown senders, even if they seem legitimate. Never click on .LNK files received via email, posing as a job offer, or any other social media platform.
Closing Thoughts
We hope that this guide helped you keep your data and PC protected from malware. Another thing we would like our users to know before concluding this guide is that you cannot see .LNK file extensions when you opt to view extensions in File Explorer’s settings. Some websites also state manual changes to Windows Registry as a solution to show and hide .LNK extensions, but after having tested them, they no longer work.