The cybersecurity researchers at Morphisec Labs have been tracking the GuLoader campaign since April of this year and found that it has been actively targeting US-based law firms, along with several other sectors, including:

- Healthcare
- Investment firms

[Figure: Targeted sectors (Source – Morphisec)]

GuLoader (aka 'Cloudeye') has been active for more than three years and still keeps evolving; it employs diverse anti-analysis methods that make it hard for security analysts to examine. GuLoader is infamous for distributing multiple malware families, such as:

- NetWire
- Lokibot
- Xloader
- Remcos

GuLoader downloads its payload from trusted platforms like:

- Google Drive
- OneDrive
- GCloud

In this campaign, the GuLoader operators used 'github.io' as the download source to deliver the Remcos RAT (remote access trojan).
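The point a defender should take from the campaign is that the payload is staged on legitimate hosting (Google Drive, OneDrive, GCloud, and here github.io), so blocking by reputation alone does not work. The following is an added hunting example, written for this page and not code from the article or from Morphisec. It assumes a constructed, space-separated web-proxy log format (timestamp, client IP, method, host, path, status, content type, user agent), maps the article's "GCloud" to storage.googleapis.com as an assumption, and flags successful fetches from those hosting domains that return a binary content type or come from a non-browser client. Hostnames are matched on the registered domain so that attacker-controlled subdomains such as <user>.github.io are caught, while look-alikes such as github.io.attacker.example are not.

```python
"""Hunting heuristic for malware payloads staged on trusted cloud hosting.

Added example; the log lines and the log format below are constructed for
illustration and are not from the article.
"""
import re
from collections import namedtuple

Event = namedtuple("Event", "ts client method host path status ctype ua")

# Hosting platforms the article names as GuLoader staging locations, plus the
# github.io host used in this campaign. storage.googleapis.com stands in for
# "GCloud" (assumption). Matching is on the registered domain so that
# user-controlled subdomains (e.g. <user>.github.io) are covered.
STAGING_DOMAINS = ("github.io", "drive.google.com", "onedrive.live.com",
                   "storage.googleapis.com")

# A user browsing the cloud UI normally receives HTML/JSON; a loader fetching
# an encrypted blob typically receives one of these types.
BINARY_TYPES = {"application/octet-stream", "application/x-msdownload",
                "application/zip", "application/x-msdos-program"}

BROWSER_UA = re.compile(r"^Mozilla/\d")


def parse_line(line):
    """Parse one constructed proxy line into an Event; None if malformed.

    The user agent is the trailing field and may contain spaces, so the
    split is capped at seven separators.
    """
    parts = line.strip().split(" ", 7)
    if len(parts) != 8:
        return None
    return Event(*parts)


def on_staging_domain(host):
    """True if host is one of STAGING_DOMAINS or a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in STAGING_DOMAINS)


def classify(ev):
    """Return a reason string if the event looks like loader staging, else None."""
    if not on_staging_domain(ev.host) or ev.status != "200":
        return None
    if ev.ctype.lower() in BINARY_TYPES:
        return "binary content served from staging domain"
    if not BROWSER_UA.match(ev.ua):
        return "non-browser client fetching from staging domain"
    return None


def flag_cloud_hosted_downloads(lines):
    """Return (client_ip, url, reason) tuples for suspicious fetches."""
    hits = []
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            continue
        reason = classify(ev)
        if reason:
            hits.append((ev.client, ev.host + ev.path, reason))
    return hits


# Constructed sample log (not real traffic). Hosts, paths and clients are
# invented for the example.
SAMPLE_LOG = [
    "2023-05-02T09:14:03Z 10.1.2.3 GET user-1234.github.io /assets/Inv_0425.bin 200 "
    "application/octet-stream Mozilla/5.0 (Windows NT 10.0; Win64; x64)",
    "2023-05-02T09:14:10Z 10.1.2.3 GET drive.google.com /uc?export=download&id=abc 200 "
    "application/octet-stream Microsoft-CryptoAPI/10.0",
    "2023-05-02T09:20:00Z 10.1.2.9 GET docs.github.io /index.html 200 "
    "text/html Mozilla/5.0 (Windows NT 10.0; Win64; x64)",
    "2023-05-02T09:21:00Z 10.1.2.9 GET evil-cdn.example /drop.bin 200 "
    "application/octet-stream curl/8.0",
    "2023-05-02T09:22:00Z 10.1.2.9 GET github.io.attacker.example /x 200 "
    "application/octet-stream curl/8.0",
    "2023-05-02T09:25:00Z 10.1.2.7 GET onedrive.live.com /download?cid=1 200 "
    "text/plain CustomLoader/1.0 (constructed)",
]

if __name__ == "__main__":
    for client, url, reason in flag_cloud_hosted_downloads(SAMPLE_LOG):
        print(f"{client} {url} : {reason}")
```

The user-agent rule is the weaker of the two: many legitimate non-browser clients, and some loaders, present a Mozilla/ string, so treat it as a triage signal rather than a verdict. Fetches from unknown domains (the evil-cdn.example line) are deliberately out of scope here; this heuristic exists to surface the traffic that domain reputation would otherwise wave through.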
Source: GBHackers