A cracked malicious version of a Go package lay undetected online for years
Posted by:
Emma Walker
A cybersecurity incident targeting Go developers has surfaced, involving a malware-laden fork of the popular database module BoltDB. The malicious code was discreetly injected into the fork, allowing remote access to compromised systems. The attacker manipulated Git tags and utilized the Go Module Mirror service to cache the infected version indefinitely, evading detection for three years. The backdoored package grants threat actors control over infected systems, posing a significant security risk. Researchers have raised awareness about this software supply chain attack and are working to eliminate the threat from the Go Module Proxy.
Recent Posts1
