GobRAT malware written in Go language targeting Linux routers
ID: 552af1e4-48b7-572e-989d-3b34fd8ba509
STIX ID: report--552af1e4-48b7-572e-989d-3b34fd8ba509
Feed Name: JPCERT Blog
JPCERT/CC confirmed router infections in Japan by GobRAT, a Go-based RAT that targets publicly accessible router web UIs to deploy a loader, persistence scripts, and a packed multi-architecture payload; the report details the attack flow, persistence and daemon scripts, gob-over-TLS communications, AES-128-CTR string encryption with hard-coded key/IV, 22 C2-driven commands (including SOCKS5, frpc, remote execution, scanning/attacks), C2 domains, and hashes for scripts and malware samples.
