Malware used by cyber-espionage group believed to be operating out of China has been deploying malware in the past two years that disguises as control panel link (CPL) files. Palo Alto Networks found the Reaver malware, a backdoor trojan, and uses CPL files to gather information from infected hosts and execute malicious commands. The malware’s name is Reaver, named so by the cyber-security company who found it. To date, only 0.006% of all malware employs this technique, indicating it is in fact fairly rare.
Source: https://www.bleepingcomputer.com/news/security/windows-control-panel-links-abused-in-cyber-espionage-campaign/