
GopherWhisper: A burrow full of malware

ID: 886ae3f0-1a3a-570f-ab53-eaa2d6f0a9ae

STIX ID: report--886ae3f0-1a3a-570f-ab53-eaa2d6f0a9ae

Feed Name: WeLiveSecurity (ESET Research)

Threat Score: 85/100

Date Published: 2026-04-23

Date Updated: 2026-05-01


ESET Research identified a previously undocumented China-aligned APT group, GopherWhisper, which targeted a Mongolian government entity. Its diverse toolset comprises Go-based backdoors (LaxGopher, RatGopher, BoxOfFriends), injectors/loaders (JabGopher, FriendDelivery), an exfiltration tool (CompactGopher), and a C++ backdoor (SSLORDoor). The group abused Slack, Discord, Microsoft 365 Outlook, and file.io for C&C and exfiltration. Recovered C&C messages and draft emails revealed operator activity, timezones consistent with UTC+8, and other operational details.
