Akamai researchers uncovered a malware campaign spreading a Golang-based malicious code tracked as Stealthworker. The malware targets Windows and Linux servers running popular web services and platforms including cPanel / WHM, WordPress, Drupal, Joomla, OpenCart, Magento, Postgres, Brixt, SSH, and FTP. Operators behind the Stealthworker malware use the infected hosts to launch brute force attacks against other systems. Even after cleaning a compromised system, the botnet would reinfect it within minutes.”]
Source: https://securityaffairs.co/wordpress/104427/malware/stealthworker-botnet.html