In 2021, malware developers have reached outside the usual development languages such as C and Delphi to craft samples in GoLang and Rust, with the apparent goal of making malware analysis and anti-virus signature development more difficult. BuerLoader has been completely rewritten in Rust; the rewrite was first reported in May 2021 and is in active use. The malware authors’ focus has been on loaders and droppers, using exotic API calls and signatures to give the malware an edge in anti-virus evasion. Researchers also noted that commodity malware such as the Remcos and Nanocore RATs, and even Cobalt Strike Beacons, are now being rewritten in other programming languages. BlackBerry researchers observed: “This assumption is based upon the fact that new Go-based samples are now appearing on a semi-regular basis, including malware of all types, and targeting all major operating systems across multiple campaigns.”