gootloader (2)

12291569282?profile=RESIZE_400xA new variant of the GootLoader malware called GootBot has been found to facilitate lateral movement on compromised systems and evade detection.  GootLoader is a stealthy malware classified as a first-stage downloader designed to attack Windows-based systems.  It is considered an Initial-Access-as-a-Service (IAaaS) tool used within a ransomware-as-a-service (RaaS) criminal business model.  The GootLoader group's introduction of their custom bot into the late stages of their attack chain is an at

10086538496?profile=RESIZE_400xThe operators of the GootLoader campaign are targeting employees of accounting and law firms as part of a renewed effort of cyberattacks to deploy malware on infected systems.  This is an unfortunate sign that the adversary is expanding its focus to other high-value targets.  The Gootkit malware family has been around for five years or more, and is used to distribute code such as ransomware, which can encrypt the files on a Windows computer and only release them once a ransom is paid.