Naturally, the Old Dogs, New Tricks paper, which you can freely register and freely download here, can be read by anyone interested in the latest cybersecurity research and information, is an in-depth 51-page PDF report aimed at security analysts, researchers, CISOs, IT execs and threat hunters.
BlackBerry is releasing it as part of its threat intelligence and research methodology contribution to the security community. We're told "the report uncovers the “tip of the iceberg” of a trend where threat actors are pivoting to cybersecurity blind spots by using new and less traditional programming languages, making it harder for anti-malware programs to detect threats.
We're told these "new and uncommon programming languages are being used for malicious intent, which leads to them being found in a growing number of malware families" and that "the intelligence paper explores how the languages are being leveraged and what security analysts should look out for during threat hunting and forensic analysis."
For the CISOs and managers within enterprises, the paper will provide insight into how to keep their networks safe while anti-malware products play catch up to continually evolving obfuscation methods and highlight the skills they will need internally to understand and block new threats.
|
|
BlackBerry's Research and Intelligence Team posted a blog about the new paper here, which I've reprinted below:
"For defenders to maintain a competitive advantage over attackers, it’s important to recognize emerging trends by threat actors. One such trend BlackBerry has observed in 2021 is the practice by malware authors of leveraging new and uncommon programming languages to evade detection and hinder analysis.
"Malware authors have a reputation for being slow to change what works for them. But with millions of dollars in corporate ransoms now up for grabs, this is no longer the case. Some malware groups have taken the opportunity to branch out and try new or “exotic” programming languages to address specific pain-points in their development process, or to try to evade detection by defenders.
"A new BlackBerry white paper, Old Dogs New Tricks: Attackers Adopt Exotic Programming Languages, explores this trend and reveals the motivations and impact it may have on the threat landscape."
“Malware authors are known for their ability to adapt and modify their skills and behaviors to take advantage of newer technologies,” says Eric Milam, VP of Threat Research at BlackBerry. “This has multiple benefits from the development cycle and inherent lack of coverage from protective products. This paper looks into less prolific programming languages and their use in the malware space. It is critical that industry and customers understand and keep tabs on these trends, as they are only going to increase.”
Read BlackBerry’s Deep Dive Into Go, D, Nim, and Rust
The BlackBerry Research & Intelligence Team chose four uncommon programming languages of interest to examine: Go, D, Nim, and Rust.
"This choice was due in part to BlackBerry’s detection methodology, which identified an increase in the use of these languages for malicious intent, and exposed an escalation in the number of malware families being identified and published using these languages. These four languages have also piqued our interest because they could be considered well developed and supported, with strong community backing.
"While the trend of using exotic programming languages by threat actors is not new, BlackBerry aims to shed light on the state of the current threat landscape regarding these new and emerging languages. In this white paper, BlackBerry’s research team covers the reasons behind exotic language adoption, and provides valuable tips for detecting and preventing malware that takes advantage of these challenging new methods."
You can read about the research here, and freely register to download the free report here.
