Cybereason, a cybersecurity advisory service, issued a warning about GootLoader, a malware that uses search engine optimization poisoning techniques and fake Google ads to deliver its payload to healthcare organizations.
The malware campaign has targeted the health and finance sectors in the U.K., U.S. and Australia. The malware was initially known as Gootkit when it started as a banking Trojan in 2014, according to a Feb. 8 Cybereason report.
The threat actor operating GoodLoader is known as UNC2565.