Six different law firms were targeted in January and February 2023 as part of two disparate threat campaigns distributing GootLoader and FakeUpdates (aka SocGholish) malware strains.
GootLoader, active since late 2020, is a first-stage downloader that’s capable of delivering a wide range of secondary payloads such as Cobalt Strike and ransomware.
It notably employs search engine optimization (

This entry was posted in Uncategorized and tagged .

Leave a Reply

Your email address will not be published. Required fields are marked *