Get Permission
A new malware loader dubbed Gootloader is using search engine optimization techniques to spread ransomware, Trojans and other malware, the security firm Sophos reports.
The campaign is active in North America, South Korea, Germany and France, Sophos researchers say.
To trick victims into visiting infected websites, Gootloader uses malicious search engine optimization techniques to squirm into Google search results, Sophos notes. These techniques are effective at evading detection over a network – right up to the point where the malicious activity trips over behavioral detection rules.
When someone enters certain keywords into a Google search, they are shown the link to the malicious website. Once they visit the website, they are then prompted to download a zip file that installs Gootloader, which then loads REvil ransomware and the Gootkit and Kronos Trojans, the report notes.
Hackers Use Search Engine Optimization to Deliver Malware govinfosecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from govinfosecurity.com Daily Mail and Mail on Sunday newspapers.