New Hacking attacks: Gootkit Trojan – REvil Ransomware Marriage

Healthcare businesses are now at the mercy of being devastated by the marriage of the Gootkit Trojan and REvil Ransomware. Recently researchers that track dangerous malware reported the rogue malware Gootkit is now very active after a long break. In the past, this trojan is responsible for stealing private information from numerous businesses. 

However, the troubling aspect of this new cyberattack is that it has join forces with the REvil (Sodinokibi) ransomware. The phrase “double trouble” is at a whole new height with the improved attacks. The two evils have eloped, making both even more dangerous than before.

Gootkit Trojan and REvil Ransomware Dangers

The new report issued by the security research analyst identified an attack against German companies in November 2020. Its emergence caused Germany to issue a warning to unsuspecting citizens.  Gootkit malware now has a German DFN-CERT warning.

  • The new relationship formed by these two demons, the partnership of the trojan and ransomware targets businesses built on the WordPress platform. They launch their attack by utilizing a forum template as a decoy.
  • The trojan and ransomware virus attacks utilize instruction baited with SEO poisoning for the download of a malicious file. Once potential victims have downloaded these malicious files, the PE downloads that are already embedded uses either Gootkit or REvil to launch undetected attacks.
  • The new combination of REvil and Gootkit takes on a very sophisticated form that helps it to evade detection.
  • REvil ransomware recreates ransom attacks identical to an older version of its previously released ransomware. 

Banking Malware Cyber-attack Partnership

Recently, virus research analysts have found that ransomware delivery is now utilizing some banking malware. As loaders, they can launch undetected attacks on victims that have a high status in society.

Just in November, researchers issued a warning against the Cisco Talos threat. Reports indicate that companies in the healthcare sector came under several ransomware attacks carried out by a TrickBot. This virus crudely carries out its function as a dropper deploying payloads of the Conti and TrickBot ransomware. Also, recently the Check Point Research group released October 2020 Global Threat Index list of destructive viruses. TrickBot and Emotet ransomware hold the top spot on the list of dangerous viruses. Emotet and Trickbot ransomware’s target healthcare providers and hospitals.

Hire an Ethical Hacker for Protection

Ransomware gangs joined partnerships with other malware criminals and DDoS hackers. Now they can release devastating extortion attacks on potential victims. With their new collaborations, you can expect to see a lot more computer networks and devices being attack by malicious malware and ransomware. 

Hire an ethical hacker to protect your business from cybercriminals, whose sole purpose is to unleash terror on businesses and unsuspecting individuals.

Leave a Reply

Your email address will not be published. Required fields are marked *