This new malware targets Discord and browser data using one major unique feature

Malware Magnifying Glass
Image Credit: Shutterstock (Image credit: Andriano.cz / Shutterstock)

A new Golang stealer has been identified by the Trellix Advanced Research Center  targeting Windows users globally, including across the US, Europe, and Southeast Asia, and the potential for damage is alarming.

Trellix details how the use of Golang in malware development is still reasonably rare compared to other popular programming languages, however the new malware which has been dubbed Skuld is one of the few that is written with Go.

What this means is that, because of its simplicity and cross-platform compatibility, the malware has the potential to target numerous operating systems.

Golang malware is after your data

To make matters worse, Golang malware is typically harder to reverse engineer, meaning that it can take security researchers longer to detect and react with new malware removal techniques.

According to Trellix, the malware’s developer, who has been nicknamed Deathined, is believed to have taken inspiration from numerous open-source projects and malware samples to build Skuld.

It works by searching for data stored in applications like Discord and web browsers, and Trellix also suggests that a cryptocurrency asset-stealing module could be in the works.

Since its outbreak in late April, the US has been the center for attacks, with some European countries like France, Germany, and Ukraine also seeing large numbers of attacks. 

Victims will see a fake error message, which, in Trellix’s example, reads: “Error code: Windows_0x988958 Something gone wrong.” Clicking “Ok” then executes the different modules which go on to steal information from the victim.

Skuld then sends the information back to the attacker via Discord webhook or Gofile upload service

Concluding its findings, Trellix maintains that this novel type of malware poses new threats to individuals and businesses, and the rise of Golang presents new challenges for security researchers.

Craig Hale

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

TOPICS