gootloader Archives - Security Affairs

Pierluigi Paganini July 06, 2024

GootLoader is still active and efficient

Researchers warn that the malware GootLoader is still active and threat actors are still using it in their campaigns. Threat actors continue to use GootLoader malware in their campaigns, Cybereason researchers warn. The malware has evolved, resulting in several versions, with GootLoader 3 currently in use. Despite updates to the payload, the infection strategies and overall […]

Pierluigi Paganini March 02, 2023

Threat actors target law firms with GootLoader and SocGholish malware

Cyber criminals are targeting law firms with GootLoader and FakeUpdates (aka SocGholish) malware families. Researchers from eSentire have foiled 10 cyberattacks targeting six different law firms throughout January and February of 2023. The firms were targeted as part of two distinct campaigns aimed at distributing GootLoader and FakeUpdates (aka SocGholish) malware. “The attacks emanated from two separate threat […]

Pierluigi Paganini January 30, 2023

UNC2565 threat actors continue to improve the GOOTLOADER malware

The threat actors behind the GOOTLOADER malware continues to improve their code by adding new components and implementing new obfuscation techniques. Mandiant researchers reported that the UNC2565 group behind the GOOTLOADER malware (aka Gootkit) continues to improve their code by adding new components and implementing new obfuscation techniques. Gootkit runs on an access-a-as-a-service model, it is used […]

Pierluigi Paganini March 01, 2021

Gootkit delivery platform Gootloader used to deliver additional payloads

The Javascript-based infection framework for the Gootkit RAT was enhanced to deliver a wider variety of malware, including ransomware. Experts from Sophos documented the evolution of the “Gootloader,” the framework used for delivering the Gootkit RAT banking Trojan. The framework was improved to deploy a wider range of malware, including ransomware payloads. “In recent years, almost […]

gootloader

GootLoader is still active and efficient

Threat actors target law firms with GootLoader and SocGholish malware

UNC2565 threat actors continue to improve the GOOTLOADER malware

Gootkit delivery platform Gootloader used to deliver additional payloads

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Orange reports major cyberattack, warns of service disruptions

Hackers leak images and comments from women dating safety app Tea

Pro-Ukraine hacktivists claim cyberattack on Russian Airline Aeroflot that caused the cancellation of +100 flights

Seychelles Commercial Bank Reported Cybersecurity Incident

Microsoft uncovers macOS flaw allowing bypass TCC protections and exposing sensitive data

QUICK LINKS

gootloader

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!