Windows, macOS targeted by novel JaskaGO infostealer.

Windows and macOS systems have been targeted in attacks leveraging JaskaGO, a novel Go-based information-stealing malware, reports The Hacker News. According to a report from AT&T Alien Labs, threat actors have concealed JaskaGO within fraudulent versions of CapCut, AnyConnect, and other legitimate software. Once installed, these do not harm virtual machines but facilitate data exfiltration, cryptocurrency theft, shell command execution, running process enumeration, and further payload deployment in other systems.

On macOS, JaskaGO achieves system persistence through a multi-step process that includes self-execution with root permissions, Gatekeeper protection deactivation, and custom launch daemon creation.

Details regarding the attack vector for JaskaGO or the extent of the campaign remain unclear, but the payload represents the increasing prevalence of Go-based malware, said researcher Ofer Caspi. “Go, also known as Golang, is recognized for its simplicity, efficiency, and cross-platform capabilities. Its ease of use has made it an attractive choice for malware authors seeking to create versatile and sophisticated threats,” Caspi added.
