CyberSecurity news
FlagThis
Kirsten Doyle@Information Security Buzz
//
Socket researchers have discovered a malicious campaign infiltrating the Go ecosystem using typosquatted packages. These packages are designed to install hidden loader malware targeting Linux and macOS systems. The threat actor has published at least seven packages that impersonate widely used Go libraries.
These malicious packages share repeated malicious filenames and consistent obfuscation techniques, suggesting a coordinated threat actor. One of the packages appears to target financial-sector developers. The typosquatted packages can execute remote code, potentially stealing data or credentials.
ImgSrc: informationsecu
References :
These malicious packages share repeated malicious filenames and consistent obfuscation techniques, suggesting a coordinated threat actor. One of the packages appears to target financial-sector developers. The typosquatted packages can execute remote code, potentially stealing data or credentials.
ImgSrc: informationsecu
Share:
References :
- Information Security Buzz: Typosquatted Go Packages Distribute Malware Loader Targeting Linux and macOS
- Anonymous ???????? :af:: Researchers have found a malicious campaign targeting Go developers with fake libraries. At least 7 typosquatted packages impersonate popular Go modules to deploy loader malware. These can execute remote code, stealing data or credentials on Linux and macOS systems.
- socket.dev: Typosquatted Go Packages Deliver Malware Loader Targeting Linux and macOS Systems
- The Hacker News: Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems
Classification:
- HashTags: #Typosquatting #Golang #Malware
- Company: Go
- Target: Go developers
- Attacker: Typosquatters
- Product: Go Packages
- Feature: Typosquatting
- Malware: Hypert
- Type: Malware
- Severity: High