OneClik Malware Hits Energy Sector With Golang Tool

Cybersecurity analysts have uncovered a sophisticated campaign called OneClik Malware Hits Energy that targets companies in the energy, oil, and gas industries. The operation exploits Microsoft’s ClickOnce technology, a legitimate software deployment tool, to distribute malicious payloads. Attackers then deploy customized backdoors written in Golang, enabling long-term access to compromised systems.

Researchers at Trellix noted that the campaign shares behavioral patterns commonly associated with China-linked threat actors. However, they cautioned against definitive attribution at this stage, citing a lack of conclusive evidence. The malware’s use of ClickOnce allows it to bypass traditional security defenses, making detection and mitigation more difficult for affected organizations.

The OneClik Malware Hits Energy campaign highlights a growing trend of threat actors repurposing legitimate technologies to infiltrate critical infrastructure. Security teams in the energy sector face increasing pressure to adapt their defenses to counter evolving tactics.

To read the full article and learn more, visit:
https://thehackernews.com/2025/06/oneclik-malware-targets-energy-sector.html