THREAT ALERT: GootLoader - SEO Poisoning and Large Payloads Leading to Compromise
In December 2022, the Cybereason Incident Response (IR) team investigated an incident which involved new deployment methods of GootLoader.
DustySky (called “NeD Worm” by its developer) is a multi-stage malware in use since May 2015. It is in use by the Molerats (aka Gaza cybergang), a politically motivated group. Operating since 2012.
Lital is a Marketing Team Leader, Storyteller, Technology Marketing Expert. She joined Cybereason as the first marketing hire and built a full marketing department. Specializing in brand building, product marketing, communication and content. Passionate about building ROI-driven marketing teams.
In December 2022, the Cybereason Incident Response (IR) team investigated an incident which involved new deployment methods of GootLoader.
.png)
In this Threat Alert, Cybereason analyzes Tycoon 2FA phishing kit, a sophisticated phishing-as-a-service platform designed to bypass two-factor authentication.