Gootloader: Initial Access as a Service Platform Expands Its Search for High Value Targets

Security Alert
Published June 17, 2021

The ongoing Gootloader campaign expands its scope to highly sensitive assets worldwide including financial, military, automotive, pharmaceutical and energy sectors, operating on an Initial Access as a Service model.


Cobalt StrikeGootloader
T1566 – PhishingT1566.002 – Spearphishing LinkT1189 – Drive-by CompromiseT1059.001 – PowerShellT1059.007 – JavaScriptT1204.002 – Malicious FileT1547 – Boot or Logon Autostart ExecutionT1027 – Obfuscated Files or InformationT1055.012 – Process Hollowing

Related Content

Ready to Simplify IT Management?

We will work with you to create a plan that meets your business needs, while helping you get more from your technology, with less work, and less worry about making it all run right.