The North Korea-linked nation-state actor known as Kimsuky is suspected of using a previously undocumented Golang-based information stealer called Troll Stealer. The malware steals “SSH, FileZilla, C drive files/directories, browsers, system information, [and] screen captures” from infected systems, South Korean cybersecurity company S2W said in a new technical report. Troll Stealer’s links to Kimsuky stem […]
Cybersecurity researchers have detected in the wild yet another variant of the Phobos ransomware family known as Faust. Fortinet FortiGuard Labs, which detailed the latest iteration of the ransomware, said it’s being propagated by means of an infection that delivers a Microsoft Excel document (.XLAM) containing a VBA script. “The attackers utilized the Gitea service […]
A new Golang-based information stealer called Skuld has compromised Windows systems across Europe, Southeast Asia, and the U.S. “This new malware strain tries to steal sensitive information from its victims,” Trellix researcher Ernesto Fernández Provecho said in a Tuesday analysis. “To accomplish this task, it searches for data stored in applications such as Discord and […]
A new Golang-based malware dubbed GoBruteforcer has been found targeting web servers running phpMyAdmin, MySQL, FTP, and Postgres to corral the devices into a botnet. “GoBruteforcer chose a Classless Inter-Domain Routing (CIDR) block for scanning the network during the attack, and it targeted all IP addresses within that CIDR range,” Palo Alto Networks Unit 42 […]
A new Golang-based information stealer malware dubbed Titan Stealer is being advertised by threat actors through their Telegram channel. “The stealer is capable of stealing a variety of information from infected Windows machines, including credential data from browsers and crypto wallets, FTP client details, screenshots, system information, and grabbed files,” Uptycs security researchers Karthickkumar Kathiresan […]
Organizations in East Asia are being targeted by a likely Chinese-speaking actor dubbed DragonSpark while employing uncommon tactics to go past security layers. “The attacks are characterized by the use of the little known open source SparkRAT and malware that attempts to evade detection through Golang source code interpretation,” SentinelOne said in an analysis published […]
Recently, a new piece of evasive malware has been discovered that is able to gain entry into enterprise systems in order to mine cryptocurrency by exploiting a key internet-facing protocol. Researchers have discovered that the malware is capable of launching DDoS attacks, gaining a foothold on corporate networks, and launching attacks. To maintain Akamai’s long-term […]
A new ransomware strain written in Golang dubbed “Agenda” has been spotted in the wild, targeting healthcare and education entities in Indonesia, Saudi Arabia, South Africa, and Thailand. “Agenda can reboot systems in safe mode, attempts to stop many server-specific processes and services, and has multiple modes to run,” Trend Micro researchers said in an […]
A new Golang-based peer-to-peer (P2P) botnet has been spotted actively targeting Linux servers in the education sector since its emergence in March 2022. Dubbed Panchan by Akamai Security Research, the malware “utilizes its built-in concurrency features to maximize spreadability and execute malware modules” and “harvests SSH keys to perform lateral movement.” The feature-packed botnet, which […]
Cybersecurity researchers have unpacked a nascent Golang-based botnet called Kraken that’s under active development and features an array of backdoor capabilities to siphon sensitive information from compromised Windows hosts. “Kraken already features the ability to download and execute secondary payloads, run shell commands, and take screenshots of the victim’s system,” threat intelligence firm ZeroFox said […]
Weaknesses in e-commerce portals are being exploited to deploy a Linux backdoor as well as a credit card skimmer that’s capable of stealing payment information from compromised websites. “The attacker started with automated e-commerce attack probes, testing for dozens of weaknesses in common online store platforms,” researchers from Sansec Threat Research said in an analysis. […]
A new malicious software (ransomware) variant that leverages Golang has been released. It indicates that cybercriminals leverage GoLang (programming language) to execute their malicious actions. CrowdStrike obtained a specimen of the new ransomware strain, which has not been named yet. This malicious software has the same features as FiveHands and DeathRansom/HelloKitty. These malicious software variants […]
Swiss army knife Webserver in Golang. Keep simple like the python SimpleHTTPServer but with many features. Usage Help $ ./webserver -help web subcommand -bind string Bind Port (default “8080”) -certificate string HTTPS certificate : openssl req -new -x509 -sha256 -key server.key -out server.crt -days 365 -gzip Enables gzip/zlib compression (default true) -help Print usage […]
Researchers observed new snake ransomware that written in Golang targeting Windows users to encrypt the system files and remove the Volume Shadow Copies that the OS uses for backup. Snake ransomware is a targeted campaign that contains a standard ransomware feature with some of the more complex functionalities. Malware authors choose the Golang language which […]
Blind SQL Injection Tool with Golang.UsageDownload andor.go and go to the folder where the file andor.go located. And type this to command promt:go run andor.go –url “http://deneme.com/index.php?id=1″** Note: Get parameter value must be correct, otherwise it will not work. Download Andor
A Golang implant that uses Slack as a command and control channel. This project was inspired by Gcat and Twittor that uses the same implementation but with different platforms. This tool is released as a proof of concept. Be sure to read and understand the Slack App Developer Policy before creating any Slack apps. Setup […]