Just found this (on reddit). I'd love to know more about what's going on.

It's amusing that the Go app was built in a highly controlled environment, while the kernel was built on some random laptop (and was compromised).

It seems like the attack was highly specialized, so I assume that the PII being handled by this client/victim is pretty valuable?