Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot

Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot

by 0 Comments

Technology
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot
Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator.
“On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor,” Socket researcher Kirill Boychenko

Read original source here.

Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

Products You May Like

Articles You May Like

Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775
Dexter: Resurrection Season 1 Episode 9 Review: Touched By An Angel Delivers Devastation & Breaks Our Hearts
fmr. U.S. CEO Bill Simon
Santa Monica police chief announces resignation – NBC Los Angeles
Trump official says DOJ will investigate Fed Governor Cook