A sophisticated malware campaign, dubbed 'Operation Muck and Load,' has been discovered distributing malicious modules disguised as Go DNS scanners across more than 200 GitHub repositories. Security firm Socket traced the operation, which began in January, to a network of 222 repositories that published over 700 malicious versions of the module. The malware loader employs a multi-stage decoding process and retrieves its payload from various platforms like Pastebin, Telegram, and Google Docs, ultimately deploying tools such as Vidar infostealers and XMRig cryptominers. AI
RANK_REASON This is a report on a malware campaign and its distribution method, not a new AI model release or research.
Read on Mastodon — fosstodon.org →
- GitHub
- Go security team
- muckcoding.com
- Operation Muck and Load
- Pastebin
- PowerShell
- Rats
- Socket
- Sophos
- Telegram
- Vidar
- XMRig
- YouTube
- AsyncRAT
- Google Docs
AI-generated summary · Google Gemini · from 2 sources. How we write summaries →