Tag: Gootkit

Gootkit Malware Continues to Evolve with New Components and Obfuscations
Business

Gootkit Malware Continues to Evolve with New Components and Obfuscations

The threat actors behind the Gootkit virus have added new parts and obfuscated their infection chains, among other "notable improvements" to their toolkit. The UNC2565 activity cluster is being watched by Google-owned Mandiant, which notes that this group is the only one using the malware. Using a tactic known as search engine optimization (SEO) poisoning, victims are deceived into visiting compromised websites when looking for business-related documents like agreements and contracts. These websites are then where Gootkit read the complete article Gootkit Malware Continues to Evolve with New Components and Obfuscations. Just follow ReconBee.com and learn about the recent and latest cybersecurity news.
Australian Healthcare Sector Targeted in Latest Gootkit Malware Attacks
Business, Risk, Security

Australian Healthcare Sector Targeted in Latest Gootkit Malware Attacks

By using trustworthy tools like VLC Media Player, recent Gootkit malware loader attacks have targeted the Australian healthcare industry. For first access, Gootkit, also known as Gootloader, is known to use spamdexing and other SEO poisoning techniques. The way it usually operates is by subverting and abusing genuine infrastructure, then seeding those sites with popular terms. Similar to other malware of its ilk, Gootkit is capable of keylogging, adversary-in-the-browser (AitB) assaults, data theft from the browser, screenshotting, and other nefarious deeds. According to recent research from Trend Micro, the infection has spread beyond accounting and legal services providers, with the words read the complete article Australian Healthcare Sector Targeted in Latest Gootkit Malware ...