Sign In

Communications of the ACM

ACM TechNews

Gootkit Loader Resurfaces with Updated Tactic to Compromise Targeted Computers

View as: Print Mobile App Share:

The loader utilizes malicious search engine results, a technique called SEO poisoning, to lure unsuspecting users into visiting compromised websites hosting malware-laced ZIP package files purportedly related to disclosure agreements for real estate trans


Trend Micro researchers have found that the operators of the Gootkit access-as-a-service (AaaS) malware have gone beyond using freeware installers to conceal malicious files, to using legal documents to get unsuspecting users to download them.

The Gootkit loader uses SEO poisoning, which involves malicious search engine results, to trick users into accessing compromised websites hosting malicious ZIP files to access purported real-estate disclosure agreements.

Said Trend Micro's Buddy Tancio and Jed Valderama, "The combination of SEO poisoning and compromised legitimate websites can mask indicators of malicious activity that would usually keep users on their guard."

From The Hacker News
View Full Article


Abstracts Copyright © 2022 SmithBucklin, Washington, DC, USA


No entries found