> TritonInfoSec News
Home / Apr 26, 2026 / Story
0
#4 SecurityWeek general April 25, 2026 at 10:50 UTC

China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks

By Ionut Arghire

AI Summary

China-linked APT group GopherWhisper uses multiple Go-based backdoors alongside custom loaders and injectors to target government entities while abusing legitimate services for command and control. The group's reliance on Go-based tooling and legitimate service abuse demonstrates sophisticated operational security practices for persistent government network access.

Read full article → https://www.securityweek.com/china-linked-apt-goph…

Relevance score: 85.0/100

# More from April 26

  1. 1
    FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches The Hacker News
  2. 2
    Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software The Hacker News
  3. 3
    CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline The Hacker News
  4. 5
    Threat actor uses Microsoft Teams to deploy new “Snow” malware BleepingComputer
  5. 6
    New BlackFile extortion group linked to surge of vishing attacks BleepingComputer
  6. 7
    Toronto police arrest three in Canada’s first mobile SMS blaster case The Record
  7. 8
    North Korea's Lazarus Targets macOS Users via ClickFix Dark Reading
  8. 9
    US Busts Myanmar Ring Targeting US Citizens in Financial Fraud Dark Reading
  9. 10
    ADT says customer data stolen in cyber intrusion The Record