Gootkit RAT uses SEO to spread malware through compromised sites


A framework notorious for delivering a banking trojan has been given a facelift to deploy a wider range of malware, including ransomware payloads.

“The Gootkit malware family has been around for over half a year – a mature Trojan horse with functionality aimed at banking data theft,” said Sophos researchers Gabor Szappanos and Andrew Brandt in an article published today.

First documented in 2014, Gootkit is a JavaScript-based malware platform capable of performing a range of covert activities, including web injection, keystroke capture, screenshots, video recording, and email and password theft.

Over the years, the cybercrime tool has evolved with new information-stealing features, and the Gootkit loader was reused in conjunction with REvil/Sodinokibi ransomware infections reported last year.

While campaigns that use social engineering tricks to deliver malicious payloads are a dime a dozen, Gootloader takes this to the next level.

The infection chain relies on advanced techniques: malicious ZIP archive files are hosted on legitimate company websites, and manipulated search engine optimization (SEO) methods push those sites to the top of the results for a search query.

Clicking on the search result takes the user to a fake pinboard-like page that not only matches the search terms used in the original search, but also contains a link to the ZIP file. The archive contains a highly obfuscated JavaScript file that initiates the next stage of the compromise, injecting fileless malware retrieved from a remote server into memory.
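As an added illustration (not code from Sophos or from the original article), the following Python sketch shows how a defender could triage downloaded ZIP archives for the delivery pattern described above: an archive that is little more than a wrapper for a JavaScript file. The thresholds, function names and sample archives are assumptions constructed for this example.

```python
import io
import zipfile

# Assumed thresholds, for illustration only; tune them on your own data.
MAX_MEMBERS = 3     # a lure archive carries little besides the script
LONG_LINE = 2000    # a very long line is a rough sign of packed or obfuscated code
READ_CAP = 5_000_000  # cap reads so a decompression bomb cannot exhaust memory

def triage_zip(data: bytes) -> dict:
    """Inspect one downloaded ZIP (raw bytes) and return a triage verdict."""
    result = {"scripts": [], "long_line_scripts": [], "suspicious": False}
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        result["error"] = "not a valid ZIP"
        return result
    with archive:
        members = [m for m in archive.infolist() if not m.is_dir()]
        for info in members:
            if not info.filename.lower().endswith(".js"):
                continue
            result["scripts"].append(info.filename)
            try:
                with archive.open(info) as fh:
                    text = fh.read(READ_CAP).decode("utf-8", errors="replace")
            except RuntimeError:
                continue  # password-protected member: listed, but not inspected
            longest = max((len(line) for line in text.splitlines()), default=0)
            if longest >= LONG_LINE:
                result["long_line_scripts"].append(info.filename)
        # Flag archives that are essentially a wrapper around a script.
        result["suspicious"] = bool(result["scripts"]) and len(members) <= MAX_MEMBERS
    return result

def make_zip(files: dict) -> bytes:
    """Build a constructed sample archive in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, body in files.items():
            z.writestr(name, body)
    return buf.getvalue()

# Constructed samples: a lone packed-looking script and an ordinary file bundle.
LURE = make_zip({"lure_sample.js": "var a='" + "x" * 3000 + "';"})
BENIGN = make_zip({"report.txt": "hello", "data.csv": "a,b\n1,2\n"})

if __name__ == "__main__":
    print(triage_zip(LURE))
    print(triage_zip(BENIGN))
```

A hit from this check is a reason to look closer, not a verdict: legitimate archives can also contain JavaScript, so pair it with where the file was downloaded from and what process opened it.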

In addition to delivering the REvil ransomware and the Gootkit trojan, multiple campaigns have been spotted using the Gootloader framework to stealthily deliver the Kronos financial malware in Germany and the post-exploitation tool Cobalt Strike in the US.

It is still unclear how the operators accessed the websites to perform the malicious injections, but the researchers suspect that the attackers obtained the passwords by installing the Gootkit malware, by purchasing stolen credentials from underground markets, or by exploiting security vulnerabilities in the plug-ins used alongside content management system (CMS) software.

“This shows that criminals tend to reuse their proven solutions instead of developing new delivery mechanisms. In addition, instead of actively attacking endpoint tools like some malware distributors do, the makers of Gootloader have opted for complicated evasion techniques that disguise the end result,” he added.
