Malware called Blackrota was first discovered in a honeypot attempting to exploit an unauthorized-access vulnerability in the Docker Remote API. Malware uses gobfuscate, an open-source tool for Go code, to obfuscate the source code before compiling. The malware uses a beacon to communicate with a C2 server, asking for instructions or to exfiltrate collected data. It hides various elements of Go source code with random character substitutions including the package names, global variable names, function names, type names and method names.
Source: https://threatpost.com/blackrota-golang-backdoor-obfuscation/161544/