Dangerous new GoSerpent malware is apparently on the hunt for government secrets



  • Kaspersky uncovers GoSerpent, a long‑running campaign on Southeast Asian government systems using a backdoor, RAT (Stowaway), and exfiltration tool (TmcLoader)
  • Attackers showed extreme patience, waiting weeks before deploying secondary tools to evade detection and outlast log retention policies
  • Attribution remains uncertain, but overlaps with past TetrisPhantom operations; defenders are urged to review shared IoCs to detect compromise

Security researchers Kaspersky discovered a five-year-old piece of malware that’s been hiding on government computers in the Southeast Asian region, harvesting secrets and other actionable intelligence.

The company analyzed a campaign called GoSerpent, which comprises of a backdoor of the same name, a Remote Access Trojan (RAT) called Stowaway, and a two-stage data exfiltration tool called TmcLoader.

https://cdn.mos.cms.futurecdn.net/NGKiUcJVFBC8HkMp9dTo9a-1920-80.jpg



Source link

Latest articles

spot_imgspot_img

Related articles

Leave a reply

Please enter your comment!
Please enter your name here

spot_imgspot_img