Australian Healthcare Sector Targeted in Latest Gootkit Malware Attacks

A wave of Gootkit malware loader attacks has targeted the Australian healthcare sector by leveraging legitimate tools like VLC Media Player.
Like other malware of its kind, Gootkit is capable of stealing data from the browser, performing adversary-in-the-browser attacks, keylogging, taking screenshots, and other malicious actions.
The starting point of the cyber assault is to direct users searching for the same keywords to an infected WordPress blog that tricks them into downloading malware-laced ZIP files.
"Users are led to access the link so that the malicious ZIP file can be downloaded."
"This latency, which clearly separates the initial infection stage from the second stage, is a distinctive feature of Gootkit loader's operation," the researchers said.
Dll - the former of which is a legitimate VLC Media Player binary that's used to load the Cobalt Strike DLL component, followed by downloading more tools to facilitate discovery.
News URL
https://thehackernews.com/2023/01/australian-healthcare-sector-targeted.html