Malicious actors are abusing Go’s open-source ecosystem by deploying a backdoored crypto module that steals passwords and installs a Rekoobe Linux backdoor on developer and CI environments. The package imitates Go’s trusted cryptography library to turn ordinary password prompts into a full compromise chain quietly. On pkg.go.dev it appears as a normal cryptography library with […] The post Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor in Developer Environments appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/malicious-go-crypto-module/
