Hackers exploit James Webb Telescope images alongside Golang-based malware
The Securonix Threat Research Team has identified a new hacking campaign that exploits images from the James Webb Telescope alongside obfuscated Golang programming language payloads to infect targeted systems. This type of attack is not very common, and the research team is tracking it closely, Securonix reports.
According to the Securonix Threat Research Team report, a new hacking campaign exploits the James Webb Telescope images alongside obfuscated Golang programming language payloads to infect targeted systems. Securonix stated that the infection begins with a phishing email that contains a Microsoft Office document with a hidden external reference, in the document’s metadata, which downloads a malicious template file. The first stage of the attack’s execution begins once the victim enables its macros. Go binaries have been found to be harder to analyse and reverse, and such types of attacks are not very common in Securonix’s experience. The research team is tracking the attack closely while stating that the author of such malware designed it with ‘some trivial counter-forensics and anti-EDR detection methodologies in mind’.
About author
DW Team
The GIP Digital Watch Observatory team, consisting of over 30 digital policy experts from around the world, excels in the fields of research and analysis on digital policy issues. The team is backed by the creative prowess of Creative Lab Diplo and the technical expertise of the Diplo tech team.