Malware Creators Using “Exotic” Programming Languages


30th July 2021, Kathmandu

Threat actors are increasingly turning to “exotic” programming languages, such as Go, Rust, Nim, and Dlang, which can better circumvent traditional security protections, evade analysis, and hamper reverse engineering efforts.

“Malware authors are known for their ability to adapt and modify their skills and behaviors to take advantage of new technologies,” said Eric Milam, vice president of threat research at BlackBerry. “This strategy has multiple development cycle benefits and the inherent lack of protection product coverage.” Malware makers may be known for being slow to give anything up. Still, they are happy to adopt a new programming language for the same reason as their law-abiding counterparts: it helps eliminate weak spots in the development cycle, for example. Furthermore, from the perspective of malware authors, a new language puts their creations one step, or two or three steps, ahead of protection tools.

On the one hand, languages like Rust are more secure because they provide guarantees such as memory-safe programming. On the other hand, this can be a double-edged sword when malware engineers abuse the same features designed to provide more protection to their own advantage, which makes the malware less vulnerable to exploitation and thwarts attempts to activate a kill switch and render it powerless.

The Stack Overflow team noted that binaries written in these languages can appear more complex, convoluted, and tedious when disassembled. The researchers said that the pivot adds a layer of obfuscation simply because the languages are relatively new. As a result, malware developed in traditional languages such as C++ and C# is being actively retooled with droppers and loaders written in uncommon alternatives to evade detection by endpoint security systems.

Earlier this year, the enterprise security company Proofpoint discovered new malware written in Nim (NimzaLoader) and Rust (RustyBuer), allegedly used to distribute and deploy Cobalt Strike and ransomware through social engineering activities. Similarly, CrowdStrike observed a ransomware sample last month that borrowed implementations from early variants of HelloKitty and FiveHands while using a Golang wrapper to encrypt its main C++-based payload.

Rust Convuster adware, Rust TeleBots downloader.

BlackBerry researchers concluded that the same malicious technique in a new language is usually not detected at the same rate as one written in a more mature language.

“Loaders, droppers, and wrappers […] in many cases are just changing the first stage of the infection process rather than changing the core components of the movement. This is the latest threat actor moving the route outside of the security software that may not be activated in the later stages of the original campaign.”

