The Hacker News
By Ravie Lakshmanan — January 29th 2023 at 05:47
The threat actors associated with the Gootkit malware have made "notable changes" to their toolset, adding new components and obfuscations to their infection chains.
Google-owned Mandiant is monitoring the activity cluster under the moniker UNC2565, noting that the usage of the malware is "exclusive to this group."
Gootkit, also called Gootloader, is spread through compromised websites that