cognitive cybersecurity intelligence

News and Analysis

Search

New Golang-Based Backdoor Uses Telegram Bot API for Evasive C2 Operations

Cybersecurity researchers have identified a new Golang-based backdoor which uses Telegram for command-and-control communications, thought to be of Russian origin. Once launched, the malware checks its location and if different, moves its own content accordingly, launching a copied version. It uses an open-source library for Golang Telegram Bot API bindings for command-and-control purposes. The malware can execute commands via PowerShell, relaunch itself and, in future, potentially capture screenshots.

Source: thehackernews.com –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts