This new malware strain, written in Go, has been seen compromising systems across Europe, Southeast Asia, and the U.S. It’s stealing sensitive information from Discord, web browsers, etc.

  • borariOP
    2 years ago

    Yup, it’s a compiled binary that is executed on the victim user’s system.

    I edited the post to point to the actual report published by Trellis here. It’s a malware analysis report, so it doesn’t go into the methodology of the initial delivery, but there is a little section at the beginning detailing some steps the malware developers took trying to trick users into thinking the “app” was buggy instead of malicious.

    • goat
      2 years ago

      oh im fine then. the only exe’s i run are loveletter