{ads}

GootLoader Malware Uses 500–1,000 Concatenated ZIP Archives to Evade Detection

Written By Friday, 16 January 2026 Add Comment



January 16, 2026 at 11:29PM

The JavaScript (aka JScript) malware loader called GootLoader has been observed using a malformed ZIP archive that's designed to sidestep detection efforts by concatenating anywhere from 500 to 1,000 archives. "The actor creates a malformed archive as an anti-analysis technique," Expel security researcher Aaron Walton said in a report shared with The Hacker News. "That is, many unarchiving tools

from The Hacker News https://ift.tt/trcwZa4

0 Response to "GootLoader Malware Uses 500–1,000 Concatenated ZIP Archives to Evade Detection"

Post a Comment

Subscribe to: Post Comments (Atom)

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads