The Nodaria espionage group (aka UAC-0056) is using a new piece of information stealing malware against targets in Ukraine. The malware (Infostealer.Graphiron) is written in Go and is designed to harvest a wide range of information from the infected computer, including system information, credentials, screenshots, and files.
The earliest evidence of Graphiron dates from October 2022. It continued to be used until at least mid-January 2023 and it is reasonable to assume that it remains part of the Nodaria toolkit.
Read more…
Source: Symantec