SC Media reports that organizations in the financial sector are having their Linux and macOS systems targeted by stealthy loader payloads spread via at least seven typosquatted Go packages as part of an ongoing attack campaign.Duplicated filenames and similar obfuscation tactics used across the Go packages indicate work by a coordinated threat actor, whose ability to conduct malicious package uploads suggests the continued targeting of the Go ecosystem, according to an investigation by Socket researchers."Developers should remain vigilant, adopting real-time scanning tools, code audits, and careful dependency management to guard against typosquatting and obfuscated malicious payloads," said researchers.Stephen Kowski, field chief technology officer at SlashNext Email Security, said automated scanning tools, hash validation, and real-time behavioral monitoring were necessary to combat threats posed by typosquatted software packages.These findings also underscored the importance of software risk management and module verification prior to source code integration, according to Thomas Richards, network and red team practice director and principal consultant at Black Duck.
Related Terms
Attack VectorYou can skip this ad in 5 seconds