This new malware strain, written in Go, has been seen compromising systems across Europe, Southeast Asia, and the U.S. It’s stealing sensitive information from Discord, web browsers, etc.

  • goat
    2 years ago

    How do you get infected? Running an exe from the looks of it?

    • borariOP
      2 years ago

      Yup, it’s a compiled binary that is executed on the victim user’s system.

      I edited the post to point to the actual report published by Trellix here. It’s a malware analysis report, so it doesn’t go into the methodology of the initial delivery, but there is a little section at the beginning detailing some steps the malware developers took trying to trick users into thinking the “app” was buggy instead of malicious.

      • goat
        2 years ago

        Oh, I’m fine then. The only exes I run are loveletter.