"Palo Alto's GlobalProtect VPN Spoofed to Deliver New Malware Variant"
"Palo Alto's GlobalProtect VPN Spoofed to Deliver New Malware Variant"
Researchers at Palo Alto Networks discovered that its Virtual Private Network (VPN) software, GlobalProtect, was used to distribute a new variant of the "WikiLoader" loader malware, also known as "WailingCrab." WikiLoader is a sophisticated downloader malware first identified in 2022 by Proofpoint researchers who made it public in 2023. Palo Alto Networks' Unit 42 shared findings regarding the WikiLoader campaign involving GlobalProtect-themed Search Engine Optimization (SEO) poisoning. This article continues to discuss findings surrounding the new WikiLoader campaign.