Report: The number of malware written in the Go language has increased by 2,000%

The security company Intezer released the latest research report. Since 2017, the number of malware written in the Go language developed by Google has increased by more than 2,000%.

Intezer said in the report that the Go language has only been used by hackers to develop malware on a large scale in the past two or three years, and malware written in the Go language is rarely seen before 2019.

The company gave three explanations when analyzing why the use of Go language to write malware has become more and more popular:

CrescentCore malware

“Malware Notification”by Christoph Scholz is licensed under CC BY-SA 2.0

  1. The Go language has an excellent cross-platform performance. Malware developers only need to write code once, that is, they can compile programs that can run on Windows, Linux, and Mac systems.
  2. It is difficult for security company researchers to reverse-analyze files written in Go language. Therefore, major anti-virus software has a low rate of reporting malware in the Go language, making it impossible for ordinary users to find out whether their computers are poisoned.
  3. The Go language has obvious advantages in writing network stacks. At present, much cloud-native software including Docker, Kubernetes, and InfluxDB is written in Go language. So for malware developers, it is very convenient to use Go language to write malware that needs to send and receive network data packets frequently.

Intezer mentioned that most of this malicious software is targeted at Linux and IoT devices. They usually use poisoned equipment to mine cryptocurrencies or use them to conduct DDOS attacks. In addition, there has been more and more ransomware is written in the Go language.

Via: ZDNet