This new malware strain, written in Go, has been seen compromising systems across Europe, Southeast Asia, and the U.S. It’s stealing sensitive information from Discord, web browsers, etc.

  • borari@sh.itjust.worksOP
    1 year ago

    Yup, it’s a compiled binary that is executed on the victim user’s system.

    I edited the post to point to the actual report published by Trellis here. It’s a malware analysis report, so it doesn’t go into the methodology of the initial delivery, but there is a little section at the beginning detailing some steps the malware developers took trying to trick users into thinking the “app” was buggy instead of malicious.