
Communications of the ACM

ACM TechNews

Gootkit Loader Resurfaces with Updated Tactic to Compromise Targeted Computers


The loader utilizes malicious search engine results, a technique called SEO poisoning, to lure unsuspecting users into visiting compromised websites hosting malware-laced ZIP package files purportedly related to disclosure agreements for real estate trans

Credit: redcanary.com

Trend Micro researchers have found that the operators of the Gootkit access-as-a-service (AaaS) malware have moved beyond concealing malicious files in freeware installers and now use legal documents as lures to get unsuspecting users to download them.

The Gootkit loader uses SEO poisoning, in which malicious search engine results trick users into visiting compromised websites that host malicious ZIP files presented as real-estate disclosure agreements.

Said Trend Micro's Buddy Tancio and Jed Valderama, "The combination of SEO poisoning and compromised legitimate websites can mask indicators of malicious activity that would usually keep users on their guard."

From The Hacker News

 

Abstracts Copyright © 2022 SmithBucklin, Washington, DC, USA


 
