The rise of rust in cybersecurity: what you need to know

By Amir from the Bek Brace YouTube channel

In recent years, developers have made it clear that they are eager to learn and master the Rust programming language, and that they are not alone.
Cybersecurity researchers have discovered that ransomware gangs are now rewriting their malicious software in Rust. This shift is catching the attention of the security world because Rust offers unique advantages in creating more advanced and harder to detect malware.

Reports from TrendMicroa leading cybersecurity company, reveals that a group known as Agenda recently released a new version of their ransomware, written in Rust. This new version has been used to target manufacturing and IT companies. Previously, the ransomware was written in Go (believe it or not!) and was mainly used to attack healthcare and education organizations.

Several other ransomware groups, including BlackCat, Hive, and RansomExx, have also adopted Rust for their malware development. This switch allows them to more easily adapt their code to machines running Windows or Linux, making Rust an attractive tool for cybercriminals.

The use of Rust in malware development is concerning because it makes defending against malicious software more difficult. According to Trend Micro researchers, “Attackers appear to be moving their ransomware to Rust because modern versions of Rust lack some of the detection features found in ransomware written in Golang.” Rust’s growing popularity among hackers stems from its difficulty to analyze and lower detection rates by antivirus software.

Rust’s features, which appeal to developers, also make it a valuable resource for attackers. Andrew Hay, CEO of LARES Consulting, highlights two key benefits of using Rust: “First, Rust provides low-level access to hardware and memory, allowing for extremely low-level code creation, which is harder to achieve in other languages .Second. Rust is incredibly fast, provides high performance while ensuring memory safety.”

Ironically, Rust’s growing popularity is due to its ability to let developers write code with fewer security issues compared to other languages, such as C++. This is because Rust is inherently more secure in terms of memory management and concurrent programming.

As criminal organizations adopt Rust, security experts warn that companies need skilled developers who are skilled in Rust and understand its security implications. This knowledge will help them protect vulnerable infrastructure and prevent ransomware attacks written in Rust from causing significant damage.

Melissa Bishopdirector of Endpoint Security Research at Tanium, emphasized the importance of technical professionals skilled in Rust to reverse engineer malicious software. She noted: “As attackers and defenders continue to evolve, research and detection capabilities must keep pace with the latest changes in malware. Currently, there are fewer tools and experts who are highly skilled at reverse engineering malware written in Rust, making it an attractive option for attackers, at least for now.”

Bud BroomheadCEO of Viakoo, also pointed out that as Rust becomes more popular among developers and cybercriminals, organizations need technical professionals who understand the language and how it can be used to make applications more secure. It is also critical to understand how attackers can use a core set of techniques to create their malicious programs.

In summary
Rust is becoming an increasingly popular programming language among hackers for creating sophisticated malware. Its high-level control, security features and flexibility make it an ideal tool for developing stealthy and advanced malicious software such as botnets, cryptojacking attacks and ransomware. Cybersecurity professionals face challenges defending against malicious Rust programs, including Rust’s key security features, its compatibility with security tools, and the difficulty in detecting Rust-based attacks. As Rust’s popularity grows, it will likely become a go-to language for cybersecurity professionals.

As more and more cybersecurity experts become familiar with Rust and its features, we can expect to see new tools and techniques developed to detect and mitigate Rust-based threats.

Conclusion
Finally, dear DEV readers, it is essential to protect your devices against ransomware and other security vulnerabilities. Avoid downloading unknown files or pirated software as they carry a high risk of ransomware infection.
I hope this article has aroused your curiosity about Rust and encouraged you to learn and use it in the near future.
Thanks for reading, and I’ll read the next one!
https://youtube.com/bekbrace
https://instagram.com/bek_brace
https://x.com/BekBrace