Gootloader Cyberattackers Target Bengal-Cat Aficionados in Oz

Published : 23/11/2024   Category : security




It's unclear what the threat actors have against this particular breed of cat, but it's taking down the kitty's enthusiasts with SEO-poisoned links and malware payloads.



New research shows that criminal cyber actors are seemingly targeting Australians who have a penchant for Bengal cats, a breed of hybrid feline created from the crossing of an Asian leopard with domestic breeds.
Sophos found that the threat actors, armed with Gootloader, a popular malware strain often used as an infostealer or as malware dropped prior to ransomware attacks, are targeting users who search "Are Bengal cats legal in Australia?" and other similar questions.
In one example, the researchers found that this kind of search query returned a search engine optimization (SEO)-poisoned forum containing hyperlinked text that, if clicked, leads the user to download a .zip file. SEO poisoning is what the Gootloader gang is particularly known for: duping victims into clicking on malicious links disguised as legitimate resources.
And this is just the first stage of the malware's payload.
Following the download, the user is redirected to a different website containing a large JavaScript file. This leads to multiple processes being run on the user's device, allowing the threat actors to pass commands and establish persistence to deploy Gootkit — the second stage of the payload — and the malware then acts as a precursor to other tools, such as ransomware or Cobalt Strike.
The detection of the Gootloader variant used in the attacks led to a threat-hunting campaign by Sophos X-Ops MDR, with its researchers reporting that they've seen continued growth in this approach to initial compromise, with several massive campaigns using this technique over the past year.
And while there are protections that users can implement to detect this kind of malware, it's best that they adhere to best practices and be wary of suspicious links or sources that may seem questionable.
