Cybersecurity researchers have disclosed details of a malicious Go module that’s designed to harvest passwords, create persistent access via SSH, and deliver a Linux backdoor named Rekoobe.
The Go module, github[.]com/xinfeisoft/crypto, impersonates the legitimate « golang.org/x/crypto » codebase, but injects malicious code that’s responsible for exfiltrating secrets entered via terminal password
