Australian Healthcare Sector Targeted in Latest Gootkit Malware Attacks (January 2023)
A wave of Gootkit malware loader attacks has targeted the Australian healthcare sector by leveraging legitimate tools like VLC Media Player.
Like other malware of its kind, Gootkit is capable of stealing data from the browser, performing adversary-in-the-browser attacks, keylogging, taking screenshots, and other malicious actions.
The starting point of the cyber assault is to direct users searching for the same keywords to an infected WordPress blog that tricks them into downloading malware-laced ZIP files.
"Users are led to access the link so that the malicious ZIP file can be downloaded."
"This latency, which clearly separates the initial infection stage from the second stage, is a distinctive feature of Gootkit loader's operation," the researchers said.
Dll - the former of which is a legitimate VLC Media Player binary that's used to load the Cobalt Strike DLL component, followed by downloading more tools to facilitate discovery.
News URL
https://thehackernews.com/2023/01/australian-healthcare-sector-targeted.html