{"id":17311,"date":"2025-08-24T13:38:00","date_gmt":"2025-08-24T13:38:00","guid":{"rendered":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/24\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\/"},"modified":"2025-08-24T13:38:00","modified_gmt":"2025-08-24T13:38:00","slug":"malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news","status":"publish","type":"post","link":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/24\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\/","title":{"rendered":"Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot info@thehackernews.com (The Hacker News)"},"content":{"rendered":"<p>Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator.<br \/>\n&#8220;On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor,&#8221; Socket researcher Kirill Boychenko<a href=\"https:\/\/thehackernews.com\/2025\/08\/malicious-go-module-poses-as-ssh-brute.html\" target=\"_blank\" class=\"feedzy-rss-link-icon\">Read More<\/a>\u00a0<\/p>","protected":false},"excerpt":{"rendered":"<p>Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator. &#8220;On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor,&#8221; Socket researcher [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":17312,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-17311","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.8 - aioseo.com -->\n\t<meta name=\"description\" content=\"Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator. &quot;On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor,&quot; Socket researcher\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"admin\"\/>\n\t<link rel=\"canonical\" href=\"https:\/\/sekuritasit.com\/index.php\/2025\/08\/24\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.8\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Sekuritas IT \u203a Creative solutions to unique challenges.\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta property=\"og:description\" content=\"Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator. &quot;On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor,&quot; Socket researcher\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/sekuritasit.com\/index.php\/2025\/08\/24\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\/\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2025-08-24T13:38:00+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2025-08-24T13:38:00+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100086973577423\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta name=\"twitter:description\" content=\"Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator. &quot;On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor,&quot; Socket researcher\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/24\\\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\\\/#blogposting\",\"name\":\"Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"headline\":\"Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot info@thehackernews.com (The Hacker News)\",\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/ssh-tool-DTfyeN.jpg\",\"width\":728,\"height\":380},\"datePublished\":\"2025-08-24T13:38:00+00:00\",\"dateModified\":\"2025-08-24T13:38:00+00:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/24\\\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/24\\\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"articleSection\":\"Uncategorized\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/24\\\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/sekuritasit.com\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"position\":2,\"name\":\"Uncategorized\",\"item\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/24\\\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\\\/#listItem\",\"name\":\"Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot info@thehackernews.com (The Hacker News)\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/24\\\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\\\/#listItem\",\"position\":3,\"name\":\"Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot info@thehackernews.com (The Hacker News)\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\",\"name\":\"Sekuritas IT\",\"description\":\"Creative solutions to unique challenges.\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100086973577423\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/24\\\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\\\/#authorImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g\",\"width\":96,\"height\":96,\"caption\":\"admin\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/24\\\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\\\/#webpage\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/24\\\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\\\/\",\"name\":\"Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"description\":\"Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator. \\\"On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor,\\\" Socket researcher\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/24\\\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/ssh-tool-DTfyeN.jpg\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/24\\\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\\\/#mainImage\",\"width\":728,\"height\":380},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/08\\\/24\\\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\\\/#mainImage\"},\"datePublished\":\"2025-08-24T13:38:00+00:00\",\"dateModified\":\"2025-08-24T13:38:00+00:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"name\":\"Sekuritas IT\",\"alternateName\":\"Sekuritas\",\"description\":\"Creative solutions to unique challenges.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator. \"On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor,\" Socket researcher","canonical_url":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/24\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/24\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\/#blogposting","name":"Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","headline":"Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot info@thehackernews.com (The Hacker News)","author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2025\/08\/ssh-tool-DTfyeN.jpg","width":728,"height":380},"datePublished":"2025-08-24T13:38:00+00:00","dateModified":"2025-08-24T13:38:00+00:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/24\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\/#webpage"},"isPartOf":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/24\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\/#webpage"},"articleSection":"Uncategorized"},{"@type":"BreadcrumbList","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/24\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","position":1,"name":"Home","item":"https:\/\/sekuritasit.com","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","position":2,"name":"Uncategorized","item":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/24\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\/#listItem","name":"Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot info@thehackernews.com (The Hacker News)"},"previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/24\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\/#listItem","position":3,"name":"Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot info@thehackernews.com (The Hacker News)","previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}}]},{"@type":"Organization","@id":"https:\/\/sekuritasit.com\/#organization","name":"Sekuritas IT","description":"Creative solutions to unique challenges.","url":"https:\/\/sekuritasit.com\/","sameAs":["https:\/\/www.facebook.com\/profile.php?id=100086973577423"]},{"@type":"Person","@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author","url":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/","name":"admin","image":{"@type":"ImageObject","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/24\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\/#authorImage","url":"https:\/\/secure.gravatar.com\/avatar\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g","width":96,"height":96,"caption":"admin"}},{"@type":"WebPage","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/24\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\/#webpage","url":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/24\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\/","name":"Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator. \"On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor,\" Socket researcher","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/sekuritasit.com\/#website"},"breadcrumb":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/24\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\/#breadcrumblist"},"author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"creator":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2025\/08\/ssh-tool-DTfyeN.jpg","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/24\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\/#mainImage","width":728,"height":380},"primaryImageOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/24\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\/#mainImage"},"datePublished":"2025-08-24T13:38:00+00:00","dateModified":"2025-08-24T13:38:00+00:00"},{"@type":"WebSite","@id":"https:\/\/sekuritasit.com\/#website","url":"https:\/\/sekuritasit.com\/","name":"Sekuritas IT","alternateName":"Sekuritas","description":"Creative solutions to unique challenges.","inLanguage":"en-US","publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"}}]},"og:locale":"en_US","og:site_name":"Sekuritas IT \u203a Creative solutions to unique challenges.","og:type":"article","og:title":"Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","og:description":"Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator. &quot;On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor,&quot; Socket researcher","og:url":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/24\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\/","article:published_time":"2025-08-24T13:38:00+00:00","article:modified_time":"2025-08-24T13:38:00+00:00","article:publisher":"https:\/\/www.facebook.com\/profile.php?id=100086973577423","twitter:card":"summary_large_image","twitter:title":"Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","twitter:description":"Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator. &quot;On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor,&quot; Socket researcher"},"aioseo_meta_data":{"post_id":"17311","title":null,"description":null,"keywords":null,"keyphrases":null,"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":null,"og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":null,"robots_max_videopreview":null,"robots_max_imagepreview":"large","priority":null,"frequency":null,"local_seo":null,"breadcrumb_settings":null,"limit_modified_date":false,"ai":null,"created":"2025-08-24 13:50:14","updated":"2025-10-15 16:25:19","seo_analyzer_scan_date":null},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/\" title=\"Uncategorized\">Uncategorized<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\tMalicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot info@thehackernews.com (The Hacker News)\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/sekuritasit.com"},{"label":"Uncategorized","link":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/"},{"label":"Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot info@thehackernews.com (The Hacker News)","link":"https:\/\/sekuritasit.com\/index.php\/2025\/08\/24\/malicious-go-module-poses-as-ssh-brute-force-tool-steals-credentials-via-telegram-bot-infothehackernews-com-the-hacker-news\/"}],"_links":{"self":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/17311","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/comments?post=17311"}],"version-history":[{"count":0,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/17311\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media\/17312"}],"wp:attachment":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media?parent=17311"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/categories?post=17311"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/tags?post=17311"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}