Golang crypto-currency mining malware emerging in mid-2018 peaked in June 2019

Cyber-security firms have spotted one fresh malware strain whose key function is to deceptively mine the digital coin namely Monero. The malware, called Golang, is a rare threat, which after identification for the first time during mid-2018, effectively existed throughout 2019. According to security researchers, the most recent Golang outbreak that has contaminated thousands of systems started around 10th June. Subsequently, some time near about June 16, the researchers identified the foremost exploit queries.

The malware is understood to spread utilizing 7 different methods that contains SSH credentials listing, 4 web application attack codes, passwords listing of Redis database, and a trial for connecting other systems via utilization of uncovered SSH codes.

Golang, after acquiring admission, tries to disseminate via utilizing SSH keys that are there on the contaminated Internet connected PC. According to F5 laboratory researchers, a few of these vulnerable servers happen to be common targets, nevertheless, the first time loaded malware during the outbreak was scripted with the Golang (Go) language, one recent programming language that isn't generally utilized for writing malware. www.infosecurity-magazine.com posted this, July 3, 2019.

The malware volume getting written with the Go programming language has been consistently rising spanning months; however, most of them attack Windows OS of Microsoft.

The 7 methods Golang employs for dissemination are 4 attack codes targeting Confluence, Drupal and ThinkPHP; utilization of Redis and SSH credentials else database mis-configurations followed with eventual dissemination onto other systems by utilizing SSH keys coming in the way of the malware.

Now, threats written with Golang were into existence all through H1-2019. During January this year, Security Company Malwarebytes spotted an ordinary stealer based on Go language. In March, Yoroi unearthed one Golang-based network-of-bots named GoBrut. Within few days, Anomali Labs found a threat group called Rocke utilizing one Go-based installer. About thirty days thereafter, QuickHeal Labs spotted JCry, one ransomware family based on Go language.

Golang helps cyber-criminals to develop across platforms rather easily, facilitating them towards contaminating Windows as well as Linux computers. A Golang-written malware is harder to analyze since it isn't commonly utilized in malware writing in comparison with other languages.

» SPAMfighter News - 7/15/2019