PumaBot: Go-Based Malware Brute-Forcing SSH on IoT Devices

PumaBot, a malware written in Go (Golang), is being used in attacks targeting Internet of Things (IoT) devices with open SSH ports. It brute-forces login credentials using dictionary attacks and then installs persistence payloads for cryptomining or lateral network movement.
Researchers say PumaBot operates multi-platform (Linux, ARM, MIPS) and has been found spreading across routers, NAS devices, and even smart TVs. Its strength lies in its modular payload system and encrypted C2 (Command & Control) communication.

Reference: bleepingcomputer