Common-sense GoScanSSH author avoids infecting high-risk targets

Researchers identify new malware family that goes to great lengths not to infect high-risk military, government or law enforcement targets

Researchers at Cisco’s Talos Intelligence Group have identified a new malware family, dubbed GoScanSSH, that compromises SSH servers. Well, those not attached to government, law enforcement or military domains anyway. Spotted during a routine incident response engagement, Talos researchers noticed a number of unusual attributes as far as GoScanSSH is concerned. That it is programmed using Go, a language created at Google and used in some of the search giant’s production systems, being just one of them. The most striking is that, as part of the attack process, the malware is very careful to check for any of those aforementioned government, military or law enforcement domains.


Click here to read complete article