Malicious Go Module Masquerading as SSH Brute-Force Tool Steals Login Credentials via Telegram

Tuesday, 26 August

Monday, 25 August, 2025

Malicious Go Module Masquerading as SSH Brute-Force Tool Steals Login Credentials via Telegram

Security researchers have uncovered a deceptive Go module named “golang-random-ip-ssh-bruteforce” that masquerades as an SSH brute-force scanner. Once a login succeeds, it stealthily sends the target IP, username, and password to a malicious Telegram bot. It bypasses host key checks, attempts high-concurrency brute-forcing using common credentials (e.g., root, admin, 12345678), and relays results to the attacker via Telegram—evading detection and exploiting unwitting operators.

Read full story at The Hacker News

Tags:malicious attacker Telegram bot

Categories

Malicious Go Module Masquerading as SSH Brute-Force Tool Steals Login Credentials via Telegram

Also Read

Qatar Investment Authority Moves Karnataka HC to Enforce $235M Arbitral Award Against Byju Raveendran

ChatGPT “Googles” Queries Behind the Scenes—So Google Search Isn’t Dead After All

Uttar Pradesh Launches QR Code-Based Property Checks and Instant Registries, Streamlining Rent Agreements

Scientists Develop Perovskite Solar Cells That Let Indoor Devices Run Battery-Free

Amazon, Flipkart Push for Export Exemption from India’s E-Commerce FDI Rules

WinZO Pivoting to Micro-Dramas & Subscriptions, Expands Into U.S. After RMG Ban

Malicious Go Module Masquerading as SSH Brute-Force Tool Steals Login Credentials via Telegram

Power Utilities Turn to AI to Bolster Cybersecurity in Evolving Threat Landscape

Thoma Bravo to Acquire Verint Systems in $2 Billion All-Cash Deal, Combining It with Calabrio

Subscribe To Our Newsletter.