New GootLoader Malware Variant Evades Detection and Spreads Rapidly

A new variant of the GootLoader malware known as GootBot has been found to aid lateral movement on compromised systems and avoid detection. GootBot is downloaded as a payload after a Gootloader infection and connects to a compromised WordPress site for command and control. It also makes blocking malicious traffic difficult by using a unique hard-coded C2 server for each GootBot sample.