A new variant of the GootLoader malware called GootBot has been found to facilitate lateral movement on compromised systems and evade detection.
"The GootLoader group’s introduction of their own custom bot into the late stages of their attack chain is an attempt to avoid detections when using off-the-shelf tools for C2 such as CobaltStrike or RDP," IBM X-Force researchers Golo Mühr and Ole