Secure ICT Solutions

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

Cybersecurity researchers have discovered three malicious Go modules that include obfuscated code to fetch next-stage payloads that can irrevocably overwrite a Linux system's primary disk and render it unbootable.

The names of the packages are listed below -
github[.]com/truthfulpharm/prototransform github[.]com/blankloggia/go-mcp github[.]com/steelpoor/tlsproxy

"Despite appearing legitimate, these modules contained highly obfuscated code designed to fetch and execute remote payloads," Socket researcher Kush Pandya said.

The packages are designed to check if the operating system on which they are being run is Linux, and if so retrieve a next-stage payload from a remote server using wget.

The payload is a destructive shell script that overwrites the entire primary disk ("/dev/sda") with zeroes, effectively preventing the machine from booting up.

"This destructive method ensures no data recovery tool or forensic process can restore the data, as it directly and irreversibly overwrites it," Pandya said.

Here are 30 cybersecurity search engines:🖥👁📚📃

1. Dehashed—View leaked credentials.
2. SecurityTrails—Extensive DNS data.
3. DorkSearch—Really fast Google dorking.
4. ExploitDB—Archive of various exploits.
5. ZoomEye—Gather information about targets.
6. Pulsedive—Search for threat intelligence.
7. GrayHatWarefare—Search public S3 buckets.
8. PolySwarm—Scan files and URLs for threats.
9. Fofa—Search for various threat intelligence.
10. LeakIX—Search publicly indexed information.
11. DNSDumpster—Search for DNS records quickly.
13. FullHunt—Search and discovery attack surfaces.
14. AlienVault—Extensive threat intelligence feed.
12. ONYPHE—Collects cyber-threat intelligence data.
15. Grep App—Search across a half million git repos.
17. URL Scan—Free service to scan and analyse websites.
18. Vulners—Search vulnerabilities in a large database.
19. WayBackMachine—View content from deleted websites.
16. Shodan—Search for devices connected to the internet.
21. Netlas—Search and monitor internet connected assets.
22. CRT sh—Search for certs that have been logged by CT.
20. Wigle—Database of wireless networks, with statistics.
23. PublicWWW—Marketing and affiliate marketing research.
24. Binary Edge—Scans the internet for threat intelligence.
25. GreyNoise—Search for devices connected to the internet.
26. Hunter—Search for email addresses belonging to a website.
27. Censys—Assessing attack surface for internet connected devices.
28. IntelligenceX—Search Tor, I2P, data leaks, domains, and emails.
29. Packet Storm Security—Browse latest vulnerabilities and exploits.
30. SearchCode—Search 75 billion lines of code from 40 million projects.

🔐 Security Misconfigurations: Small Oversights, Big Risks! Weak settings like open cloud storage, default passwords, or unpatched software can lead to data breaches, unauthorized access, compliance fines, and reputational damage. Regularly audit your systems, update software, and follow security best practices to stay protected. A little effort can prevent a major disaster!

Protect your business from evolving cyber threats with our comprehensive Cybersecurity Services. We specialize in Data Protection and Encryption, Threat Detection and Prevention, and Employee Training and Awareness to ensure your organization stays secure. Safeguard your data, detect potential threats, and empower your team with the knowledge to prevent cyberattacks. For more information, contact us at +92 3001732 873.