Post by Iru

Iru researchers caught a new cross-platform RAT mid-development. While running an internal ML experiment, our detection model flagged a cluster of Go binaries scoring 100 out of 100 on suspicion heuristics, which led to further digging. Our team is tracking the samples as SStar Agent. Most of the Mach-O samples were sitting at zero detections on VirusTotal. Our team has written up an analysis of the macOS and Windows variants with the IOCs here: https://lnkd.in/eCz7xPXt