Hackers exploit James Webb Telescope images alongside Golang-based malware
According to the Securonix Threat Research Team report, a new hacking campaign exploits the James Webb Telescope images alongside obfuscated Golang programming language payloads to infect targeted systems. Securonix stated that the infection begins with a phishing email that contains a Microsoft Office document with a hidden external reference, in the document’s metadata, which downloads a malicious template file. The first stage of the attack’s execution begins once the victim enables its macros. Go binaries have been found to be harder to analyse and reverse, and such types of attacks are not very common in Securonix’s experience. The research team is tracking the attack closely while stating that the author of such malware designed it with ‘some trivial counter-forensics and anti-EDR detection methodologies in mind’.