Gootloader malware is back with new tricks after 7-month break www.bleepingcomputer.com/news/secu…
The Gootloader malware loader operation has returned after a 7-month absence and is once again performing SEO poisoning to promote fake websites that distribute the malware.
“In this latest campaign, we’ve observed thousands of unique keywords spread over 100 websites,” reads a new blog post by the Gootloader researcher. “The ultimate goal remains the same: convince victims to download a malicious ZIP archive containing a JScript (.JS) file that establishes initial access for follow-on activity — usually leading to ransomware deployment.”
