Background/ What has happened?
The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has received an increase in reporting of malicious actors targeting Australian networks with Gootkit JavaScript (JS) Loaders. Gootkit JS Loaders are a precursor to several malware families traditionally used for cybercrime, notably, Gootkit, REvil ransomware, Kronos, or CobaltStrike.
How do I stay secure?
The ASD’s ACSC has published an advisory about the risks, impacts and preventative actions associated with Gootkit JS Loaders.
Assistance / Where can I go for help?
The ASD’s ACSC is monitoring the situation and is able to provide assistance and advice as required.
Organisations that have observed similar behaviour, been impacted or require assistance can contact the ASD’s ACSC via 1300 CYBER1 (1300 292 371).