A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.

Dangerous new GoSerpent malware is apparently on the hunt for government secrets | Daily Reports Online

Share


  • Kaspersky uncovers GoSerpent, a long‑running campaign on Southeast Asian government systems using a backdoor, RAT (Stowaway), and exfiltration tool (TmcLoader)
  • Attackers showed extreme patience, waiting weeks before deploying secondary tools to evade detection and outlast log retention policies
  • Attribution remains uncertain, but overlaps with past TetrisPhantom operations; defenders are urged to review shared IoCs to detect compromise

Security researchers Kaspersky discovered a five-year-old piece of malware that’s been hiding on government computers in the Southeast Asian region, harvesting secrets and other actionable intelligence.


The company analyzed a campaign called GoSerpent, which comprises of a backdoor of the same name, a Remote Access Trojan (RAT) called Stowaway, and a two-stage data exfiltration tool called TmcLoader.



Similar Posts