A new version of a known malware campaign aimed at installing cryptominers has changed up its tactics. The latest version of the Golang malware has added attacks on Windows servers and a new pool of exploits to its bag of tricks. It is also swiftly evolving to position itself as a backdoor for downloading future, more damaging malware, researchers said. The malware itself was first uncovered about a year ago, and is a loader that spreads as a worm. Once it infects a machine, it fetches the XMRig cryptomining payload, which mines for Monero.
Source: https://threatpost.com/worm-golang-malware-windows-payloads/156924/