New Cybersecurity Threats: CountLoader & GachiLoader Malware Explained

In this video, we explore the recent emergence of two sophisticated malware campaigns, CountLoader and GachiLoader, that have raised significant concerns in the cybersecurity landscape. You'll learn about how these malware variants operate, their distribution methods, and the implications for users and organizations alike.

What you’ll learn: We will break down the mechanics of CountLoader and GachiLoader, detailing their infection vectors, capabilities, and the potential risks they pose. We’ll also discuss the importance of proactive cybersecurity measures and what individuals and organizations can do to protect themselves from these threats.

CountLoader, a modular loader, has been detected since June 2025 and is primarily distributed through cracked software sites. Unsuspecting users trying to download pirated software are redirected to malicious links, leading to the installation of CountLoader, which can deliver various payloads including Cobalt Strike and information stealers like ACR Stealer. This loader establishes persistence on infected systems and has evolved to propagate via removable drives, showcasing its growing sophistication.

On the other hand, GachiLoader is a JavaScript malware loader distributed through compromised YouTube accounts, reaching approximately 220,000 views across 100 flagged videos. This malware employs advanced techniques for executing payloads while evading detection, including manipulating Windows internals and configuring Microsoft Defender exclusions.

Both campaigns highlight the necessity for robust detection and defense strategies in cybersecurity. As malware authors become more adept at evading security measures, it is crucial for users to stay informed and vigilant.

In response to these threats, organizations should review their cybersecurity protocols, ensure that security software is up-to-date, and educate employees about the dangers of downloading software from unverified sources. Additionally, users should be cautious when encountering software installers and consider using legitimate sources to avoid falling victim to these types of attacks.

Stay tuned as we delve deeper into these emerging threats and how they affect the cybersecurity landscape. Understanding these risks is vital for both individuals and organizations to safeguard their data and systems effectively.