DragonSpark threat actor avoids detection using Golang source code Interpretation
Researchers from SentinelOne have identified a Chinese-speaking threat actor that is targeting organizations in East Asia with a Golang malware to evade detection.
The attackers employed an open source tool SparkRAT along with Golang malware that implements an uncommon technique to evade detection. Chinese threat actor tracked as DragonSpark targets organizations in East Asia with a Golang malware to evade detection. The Golang malware employed in the attacks interprets embedded Golang source code at runtime as a technique for deceiving static analysis and evading detection by static analysis mechanisms.
Source read time: 2 min - securityaffairs.com
Also offered in: Nederlands