In May 2023, the Trellix Advanced Research Center discovered a new Golang stealer, known as Skuld, that compromised systems worldwide. The malware targets sensitive information stored in certain applications, such as Discord and web browsers, and the Windows system. The author, Deathined, has taken inspiration from different open-source projects and malware samples to build up Skuld.

This new malware strain, written in Go, has been seen compromising systems across Europe, Southeast Asia, an the U.S. It’s stealing sensitive information from Discord, web browsers, etc.

    • borari@sh.itjust.worksOP
      1·
      1 year ago

      Yup, it’s a compiled binary that is executed on the victim user’s system.

      I edited the post to point to the actual report published by Trellis here. It’s a malware analysis report so it doesn’t go in to the methodology of the initial delivery but there is a little section at the beginning detailing some steps the malware developers took trying to trick users into thinking the “app” was buggy instead of malicious.