Skip to main content

Criminals are jumping on this niche programming language to write the latest malware

Skull and Bones
(Image credit: Pixabay)

An open source programming language written by Google is becoming the favourite language for malware writers, according to a new report.

Analysis from cyber security company Intezer reports that the Go programming language is winning fans on the other side of the fence at an alarming rate.

The company claims that malware written in Go has been steadily increasing, with an increase of almost 2000% in new malware strains written in the language spotted in the wild.

No slowing down

The report notes that Go was awarded “Programming Language of the Year” by TIOBE in 2016 due to its popularity, which might have brought it to the attention of malware writers. 

As it breaks down some of the popular malware written in Go, the report notes that the language is used by both state-sponsored and non-state sponsored threat actors. 

“A big part of the current Linux malware written in Go are bots that either are used for DDoS or installing cryptominers,” observes Intezer as it analyzes the use of Go by threat actors in 2020.

According to ZDNet’s reading of the report, there are several main reasons that make Go a hit with unscrupulous developers. For starters, not only is the language easy to cross-compile between the three popular operating systems, Go-based binaries also make for tough study subjects for security researchers. 

Intezer also believes Go’s networking stack, which makes it one of the preferred languages for writing cloud-native apps, also makes it attractive for villainous elements.

Due to these reasons, the report predicts that the number of malware written in Go will continue to rise.

Via: ZDNet

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.