According to cybersecurity researchers, hackers are increasingly using rare programming languages to bypass security.
The BlackBerry Research and Intelligence team supports this claim by analyzing in a detailed report the increased use of four languages, namely Go, Rust, Nim, and DLang, by threat actors.
“Malware authors have a moniker that allows them to evolve and modify their skills and conduct to benefit from modern technologies. This offers many of the benefits of the development cycle and the lack of protective goods.” Eric Milam, vice president of BlackBerry threat research, wrote this when he introduced the findings. The researchers say they selected these four languages for analysis, not only because they are compatible with the recognition method.
The researchers explain that when malware is developed in a new language, they provide the example of rewriting BazarLoader as Nim. The virus is more likely to avoid detection based on the signature indicating the prior iteration.
Defenders must then generate a new signature to recognize this variant. Either manually with the help of human malware researchers or with the help of artificial intelligence (AI).
The researchers also believe that using a more unusual programming language helps hackers use the language itself as a layer of obscurity. Which not only helps bypass conventional security measures but also hinders analysis efforts.
“Despite cheaper shells and chargers, some resource-rich participants began rewriting their existing malware in exotic languages”. This has said by the researchers in their detailed analysis.