Researchers Uncover Malicious Go Modules Capable of Irreversible Disk Damage

Cybersecurity researchers have discovered three malicious Go modules containing obfuscated code designed to retrieve next-stage payloads capable of irreversibly rewriting the main disk of a Linux system and rendering it unbootable. The package names are: github[.]com/truthfulpharm/prototransform, github[.]com/blankloggia/go-mcp, and github[.]com/steelpoor/tlsproxy. Although these modules appear legitimate, they are being used in an advanced supply chain attack.