Malicious Go Module Poses as SSH Brute Forcer to Deploy Backdoors, Steal Data

A newly discovered malicious Go module masquerades as an SSH brute forcer but is actually designed to deploy backdoors and steal sensitive data from compromised systems. This sophisticated malware leverages the Go programming language's cross-platform capabilities to target a wide range of environments, making it a significant threat to organizations relying on SSH for secure remote access. The malware's stealthy nature allows it to evade traditional detection methods, emphasizing the need for enhanced monitoring and updated security protocols. Cybersecurity experts recommend immediate patching of vulnerable systems, continuous network traffic analysis, and the use of advanced endpoint detection tools to mitigate the risks posed by this threat. This incident highlights the evolving tactics of threat actors who exploit legitimate tools and protocols to infiltrate networks and exfiltrate data, underscoring the importance of comprehensive cybersecurity strategies in today's digital landscape.

This Cyber News was published on thehackernews.com. Publication date: Sun, 24 Aug 2025 20:59:04 +0000

