Are they really using it for memory-safety, or is it due to a greater difficulty in reverse-engineering captured malware in those languages?
Memory-safe languages so hot right now, agrees Lazarus Group as it slings DLang malware
Research into Lazarus Group's attacks using Log4Shell has revealed novel malware strains written in an atypical programming language. DLang is among the newer breed of memory-safe languages being endorsed by Western security agencies over the past few years, the same type of language that cyber criminals are switching to. At …
COMMENTS
-
Monday 11th December 2023 19:16 GMT HuBo
Lazy Meta-Curry
Wow! DLang sounds almost like a faster, compiled, LISP, the language that "freed ITS's hackers to think in unusual and creative ways" back in 1969. I'd congratulate the Norks' Lazarus Blacksmiths on this choice of PL but they're the bad guys so let's hope they either become more friendly through its use (via the mind-expanding side-effects of dynamic programming languages), or just plain choke on it (in the nicest possible way).
-
Monday 11th December 2023 19:30 GMT karlkarl
DLang is more important in this area in that it can directly consume C APIs (which is fairly important for malware accessing various operating system subsystems, almost exclusively exposed as C APIs).
Rust via bindgen to generate a fairly rough 80% of bindings and then fetching the rest of the bloat from NPM-style crates.io is less than ideal for anyone's software development pipeline, including malware authors.
C and C++ are still the malware language of choice though. It mirrors much of the industry at a systems-level to be fair.
-
Tuesday 12th December 2023 10:40 GMT Bebu
Not sure Walter Bright wanted this compliment.
D has been around a fair while and too bad a language. I guess it was Rust before Rust's time (or Golang's.)
Snobol4 or Icon next on these malefactors' list?
Apparently malware detection in part depends on the code generation patterns, which vary sufficiently with the front-end languages to elude detection.