The North Korean threat actor known as ScarCruft has been observed using an information-stealing malware with previous undocumented wiretapping features as well as a backdoor developed using Golang that exploits the Ably real-time messaging service.
“The threat actor sent their commands through the Golang backdoor that is using the Ably service,” the AhnLab Security Emergency response Center (
“The threat actor sent their commands through the Golang backdoor that is using the Ably service,” the AhnLab Security Emergency response Center (