New GootLoader Campaign Targets Users Searching for Bengal Cat Laws in Australia

November 12, 2024 at 05:57AM
A targeted campaign leveraging SEO poisoning delivers GootLoader malware to users searching for Bengal cat legality in Australia. Victims encounter compromised sites, leading to malware installations via ZIP archives. Recent tactics have shifted towards fake PDF converters instead of legal terms, broadening the potential target audience.

Cybercrooks are targeting Bengal cat lovers in Australia for some reason

November 6, 2024 at 04:51PM
Sophos reports that the Gootloader malware, known for SEO poisoning tactics, targets niche victims, including Australian Bengal cat enthusiasts. As an infostealer or malware dropper, it exploits search queries to deliver malicious payloads. The use of malvertising is rising, connecting cybercrime to ransomware operations, prompting action from cybersecurity agencies.

Microsoft: US Healthcare Sector Targeted by INC Ransomware Affiliate

September 19, 2024 at 08:36AM
Microsoft warns of the INC ransomware used by threat actor Vanilla Tempest to target US healthcare organizations. The attacker leverages Gootloader malware to expand network access, utilizing tools like AnyDesk, MEGA, RDP, and WMI Provider Host to execute the ransomware payload. They have been active for at least two years …

GootLoader Malware Still Active, Deploys New Versions for Enhanced Attacks

July 5, 2024 at 05:56AM
Cybereason reported that the GootLoader malware, linked to threat actor Hive0127, continues to evolve, with the latest version being GootLoader 3. It is distributed via SEO poisoning and serves as a conduit for delivering various payloads. The attackers have also unleashed their own command-and-control tool, expanding their market for financial …

New GootLoader Malware Variant Evades Detection and Spreads Rapidly

November 7, 2023 at 07:36AM
GootBot is a new variant of the GootLoader malware that allows attackers to move laterally on compromised systems undetected. It is a lightweight but effective malware that spreads quickly and deploys further payloads. GootBot connects to compromised WordPress sites for command and control, making it difficult to block. As a …