Malware targets law firms in widespread cyberattacks. - Velox Systems

A key player in the widespread cyberattacks targeting law firms is GootLoader, a stealthy piece of malware that works by gaining access to systems and then delivering ransomware or other harmful payloads. GootLoader typically uses search engine poisoning, manipulating results to direct users to compromised WordPress websites where the malware is downloaded.

History of GootLoader Attacks

In March 2021, reports detailed a global drive-by download campaign. Hackers were tricking law firms into visiting these compromised sites. The attackers break into the websites by exploiting security vulnerabilities in the WordPress content management system (CMS), which lets them clandestinely inject pages of their choosing without the website owner’s knowledge. GootLoader relies heavily on social engineering, luring professionals with fake resources, such as free business agreement templates, into executing the malware. The malware’s backdoor capabilities suggest that it is used for intelligence gathering or for deploying additional payloads, such as Cobalt Strike and ransomware.

“GootLoader relies heavily on social engineering to establish its foothold, from poisoning Google search results to fashioning the payload,” said Keegan Keplinger, research and reporting lead for eSentire’s Threat Response Unit (TRU). “GootLoader’s operators invite employees to seek, download, and execute their malware under the guise of a free business agreement template. This is particularly effective against legal firms, who may encounter uncommon requests from clients.”

How to Navigate These Threats

To mitigate these threats, organizations should be actively:

  • Vetting business agreement samples.
  • Training employees to open documents only from trusted sources.
  • Verifying downloaded content matches expectations.

However, these measures can be tricky for your organization to implement alone. Curious about strengthening your law firm’s defenses? Enter Velox Systems. Velox Systems provides tailored IT and cybersecurity solutions to keep your firm secure and running smoothly. Visit our Law Firm page to see how we can support your success.