Threats Tagged 'golang backdoor'
View all threats tagged with 'golang backdoor'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'golang backdoor'
Click on any threat for detailed analysis and mitigation recommendations
macOS Malware Deploys in Fake Job Scams 0 FlexibleFerret is a sophisticated macOS malware campaign leveraging fake job assessment scams and social engineering to infect victims. It uses multi-stage attacks starting with JavaScript files on fraudulent recruitment websites that trick users into executing shell commands. These commands download and run a Golang backdoor that establishes persistence, enabling data theft and remote control. The malware can collect system info, steal Chrome credentials, upload/download files, and execute arbitrary commands. Attackers exfiltrate stolen data via Dropbox, complicating detection. The campaign is attributed to DPRK-aligned threat actors and targets macOS users globally. No CVSS score exists, but the threat is medium severity due to social engineering reliance and macOS focus. European organizations with macOS endpoints, especially in tech and government sectors, face risks. Mitigations include user education on phishing, restricting script execution, monitoring unusual Dropbox traffic, and deploying endpoint detection tuned for macOS threats. Join the discussion | AlienVault OTX General | 11/26/2025, 07:34:23 UTC Added: 11/26/2025, 10:08:24 UTC |
Showing 1 to 1 of 1 result