"Hackers Use Golang Source Code Interpreter to Evade Detection"

A Chinese-speaking hacking group called DragonSpark was seen using Golang source code interpretation to avoid detection while conducting espionage attacks against East Asian companies. SentinelLabs is monitoring the attacks and reports that DragonSpark uses an open-source tool called SparkRAT to steal sensitive data from compromised systems, execute commands, perform lateral network movement, and more. The threat actors use compromised infrastructure in China, Taiwan, and Singapore to execute their attacks. SentinelLabs spotted insecure MySQL database servers exposed online being used as an intrusion vector. This article continues to discuss the DragonSpark hacking group using Golang source code interpretation to evade detection in the launch of attacks against organizations in East Asia. 

Bleeping Computer reports "Hackers Use Golang Source Code Interpreter to Evade Detection"

Submitted by Anonymous on