The BlackBerry Research and Intelligence Team substantiate this claim by analyzing the increase in use of four languages, namely Go (opens in new tab), Rust (opens in new tab), Nim and DLang by threat actors in a detailed report.
“Malware authors are known for their ability to adapt and modify their skills and behaviors to take advantage of newer technologies. This has multiple benefits from the development cycle and inherent lack of coverage from protective products,” wrote (opens in new tab) Eric Milam, VP of Threat Research at BlackBerry, introducing the research.
We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and you can also choose to enter the prize draw to win a $100 Amazon voucher or one of five 1-year ExpressVPN subscriptions.
>> Click here to start the survey in a new window (opens in new tab) <<
- Protect your devices with these best antivirus software (opens in new tab)
- Here's our choice of the best malware removal (opens in new tab) software on the market
- These are the best endpoint protection tools (opens in new tab)
The researchers argue that they selected these particular four languages for analysis, not just because they are compatible with its detection methodologies, but also for their maturity level.
On their toes
Using the example of BazarLoader (opens in new tab) being rewritten in Nim, the researchers argue that when malware is authored in a new language, it has a greater chance of evading signature-based detection, which are tuned to identify its previous iteration.
The defenders will then have to create new signatures to detect these variants, either manually using human malware researchers or by using artificial intelligence (AI (opens in new tab)).
No surprise then that the researchers are tracking more loaders and droppers being written in rare languages, since it’s their job to bypass security measures before the real damaging malware can be deployed.
The researchers also believe that using more uncommon programming languages, helps the authors use the language itself as a layer of obfuscation, which not only helps bypass conventional security measures, but also hinder analysis efforts.
“Although wrappers and loaders are more cost-effective, some well-resourced threat actors are beginning to rewrite their existing malware using exotic languages,” note the researchers in their detailed analysis.
- We’ve also rounded up the best ransomware protection tools (opens in new tab)