The JavaScript (aka JScript) malware loader called GootLoader
has been observed using a malformed ZIP archive that's designed to
sidestep detection efforts by concatenating anywhere from 500 to
1,000 archives. "The actor creates a malformed archive as an
anti-analysis technique," Expel security researcher Aaron Walton
said in a report shared with The Hacker News. "That is, many
unarchiving tools
Read more https://thehackernews.com/2026/01/gootloader-malware-uses-5001000.html
