"Gootkit Malware Adopts New Tactics to Attack Healthcare and Finance Firms"

Cybereason reports that the Gootkit malware primarily targets healthcare and banking organizations in the US, UK, and Australia. The cybersecurity firm analyzed a Gootkit incident in December 2022 that involved a new deployment method, with the attackers abusing the foothold to deliver Cobalt Strike and SystemBC for post-exploitation. In an analysis published on February 8, 2023, Cybereason stated that the threat actor moved quickly, gaining control of the compromised network and obtaining elevated privileges in less than four hours. Mandiant attributes Gootkit, also known as Gootloader, exclusively to a threat actor identified as UNC2565. Since its start as a banking Trojan in 2014, the malware has transformed into a loader capable of distributing next-stage payloads. This article continues to discuss the new tactics of the Gootkit malware.

THN reports "Gootkit Malware Adopts New Tactics to Attack Healthcare and Finance Firms"
