{"id":5303,"date":"2025-08-24T14:11:27","date_gmt":"2025-08-24T14:11:27","guid":{"rendered":"https:\/\/news.cybertechworld.co.in\/index.php\/2025\/08\/24\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot\/"},"modified":"2025-08-24T14:11:27","modified_gmt":"2025-08-24T14:11:27","slug":"malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot","status":"publish","type":"post","link":"https:\/\/news.cybertechworld.co.in\/index.php\/2025\/08\/24\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot\/","title":{"rendered":"Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot"},"content":{"rendered":"

\u200bCybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator.
\n“On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor,” Socket researcher Kirill Boychenko\u00a0Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator.
\n“On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor,” Socket researcher Kirill Boychenko\u00a0\u00a0The Hacker News<\/p>","protected":false},"excerpt":{"rendered":"

\u200bCybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator. “On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor,” Socket researcher… Read More »Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot<\/span><\/a><\/p>\n","protected":false},"author":0,"featured_media":5304,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/5303"}],"collection":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/comments?post=5303"}],"version-history":[{"count":0,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/5303\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media\/5304"}],"wp:attachment":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media?parent=5303"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/categories?post=5303"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/tags?post=5303"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}