{ads}

Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot

Written By Sunday, 24 August 2025 Add Comment



August 24, 2025 at 07:08PM

Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator. "On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor," Socket researcher Kirill Boychenko

from The Hacker News https://ift.tt/I805oTb

0 Response to "Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot"

Post a Comment

Subscribe to: Post Comments (Atom)

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads