Loader
GootLoader
First seen: 2020-01 • Status: active
Currently Active Threat
GootLoader poisons Google search results. When you search for legal documents, you might download malware.
Overview
GootLoader uses SEO poisoning to trick victims into downloading malware through search results.
Also Known As
Gootkit Loader
How It Spreads
- • SEO poisoning
- • Fake document downloads
- • Compromised websites
What It Does
- • Downloads additional malware
- • Steals credentials
- • Enables ransomware
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Monitor for suspicious JavaScript
- • Block downloads from compromised sites
MITRE ATT&CK Techniques
T1189, T1059, T1105
If You're Infected
- 1.
Block malicious domains
Related Malware
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required