May 10, 2024NewsroomMalware / Cyber Espionage The North Korean threat actor tracked as Kimsuky has been observed deploying a previously undocumented Golang-based malware dubbed Durian as part of highly-targeted cyber attacks aimed at two South Korean cryptocurrency firms. "Durian boasts comprehensive backdoor functionality, enabling the execution of delivered commands, … [Read more...] about North Korean Hackers Deploy New Golang Malware ‘Durian’ Against Crypto Firms
Golang
Hackers Using Golang Variant of Cobalt Strike to Target Apple macOS Systems
May 16, 2023Ravie LakshmananEndpoint Security / Cyber Threat A Golang implementation of Cobalt Strike called Geacon is likely to garner the attention of threat actors looking to target Apple macOS systems. The findings come from SentinelOne, which observed an uptick in the number of Geacon payloads appearing on VirusTotal in recent months. "While some of these are likely … [Read more...] about Hackers Using Golang Variant of Cobalt Strike to Target Apple macOS Systems
Modern Approaches to Logging with Golang
The Golang ecosystem has long relied on the use of third-party libraries for logging. Logrus, one of the first leveled, structured logging libraries, is now maintenance-only and its developers recommend migrating to other libraries. At CrowdStrike, we relied heavily on Logrus and recently underwent an overhaul to implement a more modern approach to logging. In evaluating our … [Read more...] about Modern Approaches to Logging with Golang
TellYouThePass Ransomware Analysis Reveals Modern Reinterpretation Using Golang
TellYouThePass ransomware, discovered in 2019, recently re-emerged compiled using Golang Golang’s popularity among malware developers makes cross-platform development more accessible TellYouThePass ransomware was recently associated with Log4Shell post-exploitation, targeting Windows and Linux The CrowdStrike Falcon® platform protects customers from Golang-written … [Read more...] about TellYouThePass Ransomware Analysis Reveals Modern Reinterpretation Using Golang
Financial Motivation Drives Golang Malware Adoption
Golang malware popularity snowballs, increasing by 80% from June to August 2021 eCrime turns to Golang because of its versatility, enabling cross-compiling for other operating systems Cryptocurrency miners earn the largest share of total Golang malware — 70% in August compared to 54% in June 2021 CrowdStrike researchers uncovered an 80% increase in Golang (Go)-written malware … [Read more...] about Financial Motivation Drives Golang Malware Adoption