Trojan.StealthWorker.GO

Short bio

Trojan.StealthWorker.GO is Malwarebytes’ detection name for a trojan written in Golang that adds the infected computer to a botnet.

Type and source of infection

Trojan.StealthWorker.GO adds the affected system to a botnet designed to bruteforce Magento sites.
Trojan.StealthWorker.GO was found as the payload for Trojan.WallyShack.

Protection

Malwarebytes protects users from Trojan.StealthWorker.GO by using real-time protection.

block Stealthworker

Malwarebytes blocks Trojan.StealthWorker.GO

Remediation

Malwarebytes can detect and remove Trojan.StealthWorker.GO without further user interaction.

  1. Please download Malwarebytes to your desktop.
  2. Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  3. Then click Finish.
  4. Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  5. If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  6. When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  7. Restart your computer when prompted to do so.

Traces/IOCs

fdc3e15d2bc80b092f69f89329ff34b7b828be976e5cbe41e3c5720f7896c140


5.45.69.149:7000

Related blog content

New Golang brute forcer discovered amid rise in e-commerce attacks

How to protect your data from Magecart and other e-commerce attacks

Analyzing a new stealer written in Golang

Select your language