A new Golang-based information stealer called Skuld has been found infecting Windows systems across Europe, Southeast Asia and the U.S. Trellix researcher Ernesto Fernández Provecho warns that this new malware strain tries to steal sensitive information from its victims.
To do so, it searches for data stored in applications such as Discord and web browsers; information from the system and files stored in the victim’s folders.
The malware, upon execution, checks if it’s running in a virtual environment in an attempt to thwart analysis.
Data exfiltration is accomplished by means of an actor-controlled Discord webhook or the Gofile upload service.
Additionally, Golang’s compiled nature lets malware authors produce binary executables that are more difficult to analyze and reverse engineer, Fernánda Provechio says.
👋 Feeling the vibes?
Keep the good energy going by checking out my Amazon affiliate link for some cool finds! 🛍️
If not, consider contributing to my caffeine supply at Buy Me a Coffee ☕️.
Your clicks = cosmic support for more awesome content! 🚀🌈
Leave a Reply