Cybersecurity researchers have identified a new Golang-based backdoor which uses Telegram for command-and-control communications, thought to be of Russian origin. Once launched, the malware checks its location and if different, moves its own content accordingly, launching a copied version. It uses an open-source library for Golang Telegram Bot API bindings for command-and-control purposes. The malware can execute commands via PowerShell, relaunch itself and, in future, potentially capture screenshots.
New MassJacker malware targets piracy users, steals crypto
A newly identified cryptojacking malware known as MassJacker is attacking piracy users, hijacking their crypto transactions, and replacing stored addresses, according to cybersecurity firm CyberArk.
