Goot Camp Gootloader Operation
The Goot Camp campaign targeted users looking for business-related documents online to drop variants from the GootLoader malware family.
Downloading and opening the malicious ZIP archive launched a series of scripts resulting in the system infected with malicious software including a Cobalt Strike beacon.
The operation also used the FONELAUNCH and SNOWCONE loaders to retrieve payloads from remote locations and load malicious code into memory.
Featured Resources
blog
Get Ready to Get MCPwned — Cymulate’s Elite CTF on Securing the Model Context Protocol
When AI agents meet the real world, every protocol becomes a potential attack vector. That’s the big idea behind MCPwned,
CUSTOMERS
How a Retail Organization Became 12x Faster at Assessing Security Controls with Cymulate
Challenge This retail organization has a presence in 34 countries and over 5,800 stores. Its security team uses various controls
blog
Ransomware Detection Techniques: A Smarter Approach to Staying Ahead of Attacks
Ransomware attacks continue to rise in both volume and sophistication, crippling organizations, exfiltrating sensitive data and costing billions annually in