A newly discovered China-linked advanced persistent threat (APT) group, known as GopherWhisper, has been targeting government institutions in Mongolia with custom-made malware written in the Go programming language. The group's toolkit includes loaders, injectors, and backdoors, which enable attackers to gain and maintain access to compromised systems. This structured cyber-espionage operation suggests a high level of sophistication and planning. The use of Go-based malware is notable, as it allows for efficient and flexible deployment of various payloads. ESET researchers have been tracking GopherWhisper's activities, shedding light on the group's tactics and techniques1. The emergence of GopherWhisper highlights the evolving threat landscape, where state-aligned actors pose significant risks to national security and geopolitical stability. As state-aligned activity involving China continues to grow, it shifts the threat model from traditional cybercrime to geopolitical, requiring a different approach to mitigation and defense.