acm-header
Sign In

Communications of the ACM

Home/News/Gootkit Loader Resurfaces with Updated Tactic to Compromise.../Full Text
ACM TechNews

Gootkit Loader Resurfaces with Updated Tactic to Compromise Targeted Computers

By The Hacker News
August 9, 2022
Comments
View as: Print Mobile App Share:

The loader utilizes malicious search engine results, a technique called SEO poisoning, to lure unsuspecting users into visiting compromised websites hosting malware-laced ZIP package files purportedly related to disclosure agreements for real estate trans

Credit: redcanary.com

Trend Micro researchers have found that the operators of the Gootkit access-as-a-service (AaaS) malware have gone beyond using freeware installers to conceal malicious files, to using legal documents to get unsuspecting users to download them.

The Gootkit loader uses SEO poisoning, which involves malicious search engine results, to trick users into accessing compromised websites hosting malicious ZIP files to access purported real-estate disclosure agreements.

Said Trend Micro's Buddy Tancio and Jed Valderama, "The combination of SEO poisoning and compromised legitimate websites can mask indicators of malicious activity that would usually keep users on their guard."

From The Hacker News
View Full Article

 

Abstracts Copyright © 2022 SmithBucklin, Washington, DC, USA

 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account