#gootloader

Information security
from The Hacker News
2 weeks ago

GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites

GootLoader has resurfaced, using custom WOFF2 glyph substitution and WordPress comment endpoints to deliver XOR-encrypted ZIP payloads, enabling rapid domain controller compromise and ransomware hand-offs.
Information security
from The Register
3 weeks ago

Gootloader malware back for the attack, serves up ransomware

Gootloader JavaScript malware has resurfaced, using SEO-poisoned search results, WOFF2 font obfuscation, and a Storm-0494–Vanilla Tempest partnership to deploy ransomware quickly.
Information security
from BleepingComputer
3 weeks ago

Gootloader malware is back with new tricks after 7-month break

Gootloader resumed SEO-poisoning campaigns to distribute JavaScript-based malware via fake legal document sites, delivering secondary payloads like Cobalt Strike and ransomware access.