New GootLoader Malware Variant Evades Detection and Spreads … – The Hacker News

A new variant of the GootLoader malware called GootBot has been found to facilitate lateral movement on compromised systems and evade detection.

“The GootLoader group’s introduction of their own custom bot into the late stages of their attack chain is an attempt to avoid detections when using off-the-shelf tools for C2 such as CobaltStrike or RDP,” IBM X-Force researchers Golo Mühr and Ole Villadsen said.

“This new variant is a lightweight but effective malware allowing attackers to rapidly spread throughout the network and deploy further payloads.”

GootLoader, as the name implies, is a malware capable of downloading next-stage malware after luring potential victims using search engine optimization (SEO) poisoning tactics. It’s linked to a threat actor tracked as Hive0127 (aka UNC2565).

The use of GootBot points to a tactical shift, with the implant downloaded as a payload after a Gootloader infection in lieu of post-exploitation frameworks such as CobaltStrike.”

Described as an…

Read Full Story: https://news.google.com/rss/articles/CBMiTGh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vMjAyMy8xMS9uZXctZ29vdGxvYWRlci1tYWx3YXJlLXZhcmlhbnQtZXZhZGVzLmh0bWzSAQA?oc=5

The post New GootLoader Malware Variant Evades Detection and Spreads … – The Hacker News first appeared on SEO, Marketing and Social News | OneSEOCompany.com.

source: https://news.oneseocompany.com/2023/11/07/new-gootloader-malware-variant-evades-detection-and-spreads-the-hacker-news_2023110752263.html

Your content is great. However, if any of the content contained herein violates any rights of yours, including those of copyright, please contact us immediately by e-mail at media[@]kissrpr.com.