A new study on cyber threats conducted by BlackBerry’s Research and Intelligence team has revealed a new trend among threat actors: using old and famous code but rewritten in new and uncommon languages to evade detection by defenders.
Malware authors have a reputation for being slow to change what works for them. But with millions of dollars in corporate ransoms now up for grabs, this is no longer the case. Some malware groups have taken the opportunity to branch out and try new or “exotic” programming languages to address specific pain-points in their development process.
“Malware authors are known for their ability to adapt and modify their skills and behaviors to take advantage of newer technologies,” says Eric Milam, VP of Threat Research at BlackBerry. “This has multiple benefits from the development cycle and inherent lack of coverage from protective products. This paper looks into less prolific programming languages and their use in the malware space. It is critical that industry and customers understand and keep tabs on these trends, as they are only going to increase.”
The BlackBerry’s new “ Old Dogs, New Tricks ” report says that the BlackBerry Research & Intelligence Team chose four uncommon programming languages of interest to examine: Go, D, Nim, and Rust.
This choice was due in part to BlackBerry’s detection methodology, which identified an increase in the use of these languages for malicious intent, and exposed an escalation in the number of malware families being identified and published using these languages.
“These languages have also piqued our interest because they could be considered more developed, and they have a strong community backing. While this trend is nothing new, BlackBerry aims to shed light on the state of the current threat landscape regarding these new and emerging languages. In our new white paper, we’ll cover the reasons for their adoption, as well as what areas we expect to see a further uptick in, as this trend enters its next evolution.”
While the trend of using exotic programming languages by threat actors is not new, BlackBerry aims to shed light on the state of the current threat landscape regarding these new and emerging languages. In this white paper, BlackBerry’s research team covers the reasons behind exotic language adoption, and provides valuable tips for detecting and preventing malware that takes advantage of these challenging new methods.