gootloader Archives - Security Affairs

Pierluigi Paganini July 06, 2024

GootLoader is still active and efficient

Researchers warn that the malware GootLoader is still active and threat actors are still using it in their campaigns. Threat actors continue to use GootLoader malware in their campaigns, Cybereason researchers warn. The malware has evolved, resulting in several versions, with GootLoader 3 currently in use. Despite updates to the payload, the infection strategies and overall […]

Pierluigi Paganini March 02, 2023

Threat actors target law firms with GootLoader and SocGholish malware

Cyber criminals are targeting law firms with GootLoader and FakeUpdates (aka SocGholish) malware families. Researchers from eSentire have foiled 10 cyberattacks targeting six different law firms throughout January and February of 2023. The firms were targeted as part of two distinct campaigns aimed at distributing GootLoader and FakeUpdates (aka SocGholish) malware. “The attacks emanated from two separate threat […]

Pierluigi Paganini January 30, 2023

UNC2565 threat actors continue to improve the GOOTLOADER malware

The threat actors behind the GOOTLOADER malware continues to improve their code by adding new components and implementing new obfuscation techniques. Mandiant researchers reported that the UNC2565 group behind the GOOTLOADER malware (aka Gootkit) continues to improve their code by adding new components and implementing new obfuscation techniques. Gootkit runs on an access-a-as-a-service model, it is used […]

Pierluigi Paganini March 01, 2021

Gootkit delivery platform Gootloader used to deliver additional payloads

The Javascript-based infection framework for the Gootkit RAT was enhanced to deliver a wider variety of malware, including ransomware. Experts from Sophos documented the evolution of the “Gootloader,” the framework used for delivering the Gootkit RAT banking Trojan. The framework was improved to deploy a wider range of malware, including ransomware payloads. “In recent years, almost […]

gootloader

GootLoader is still active and efficient

Threat actors target law firms with GootLoader and SocGholish malware

UNC2565 threat actors continue to improve the GOOTLOADER malware

Gootkit delivery platform Gootloader used to deliver additional payloads

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Athlete or Hacker? Russian basketball player accused in U.S. ransomware case

U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog

UK NCA arrested four people over M&S, Co-op cyberattacks

PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda

Qantas data breach impacted 5.7 million individuals

QUICK LINKS

gootloader

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!