Golang Worm Broadens its Horizons | Cyware Alerts


A known malware campaign aimed at installing cryptominers has upgraded its tactics to now attack Windows systems.

What’s going on?

As per an analysis by Barracuda Networks, the Golang loader has propagated to Windows systems and other servers, while previously it was confined to targeting Linux machines. Golang is a loader that disseminates as a worm and infects vulnerable systems. Once the system is infected, it fetches XMRig, a cryptomining payload that mines for Monero.

Facts about Golang-based malware

  • Golang is a 10 year-old compiled programming language.
  • Earlier in April, Kinsing – a wormable loader written in Golang – was found dropping XMRig onto Docker containers.
  • For Windows machines, the malware adds a backdoor user account. In the case of Linux machines, an init/update script serves the purpose.

How to stay safe?

  • Ensure your web application firewall is properly configured.
  • Staying current on security updates and patches.
  • Regularly monitoring systems for suspicious activity.

The takeaway

The backdoor user account on Windows systems is used to deploy additional payloads on application servers, non-HTTP services, and web application frameworks.



Source link

Recent articles

Government to increase TAP Air Portugal stake | News

The Portuguese government has reached an agreement to increase its stake in struggling TAP Air Portugal to 72.5%. Confirming the deal late on 2...

The fastest cars in the world

Bugatti proudly wears the top-speed crown in 2020; its 304-mph Chiron is certified as the world's fastest car. Source link

French Prime Minister Resigns Before a Cabinet Reshuffle

PARIS — France’s prime minister, Édouard Philippe, resigned on Friday, the first step in a major government reshuffle, according to the office of...

India’s Modi visits Ladakh region where troops clashed with China | News

Indian Prime Minister Narendra Modi has said that "age of expansionism" is over, as he paid tribute to soldiers killed in last month's...

Blender Quick Tips 001: Using Array Modifier Along Curve Paths [Blender 2.82 Tutorial]

nebmotion writes: Welcome to Blender Quick Tips! In this quick Blender tutorial you will learn how to use the array modifiers to duplicate or instance...

Are Seasons 1-8 of ‘Beavis and Butt-head’ on Netflix?

Beavis and Butt-head – Picture: ViacomCBSWith the news that Beavis and Butt-head is among the many shows set to be rebooted, you may...

Leave a reply

Please enter your comment!
Please enter your name here