Phone : +91 95 8290 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » Cyberattackers are launching attacks in Rust programming language, ET CISO

Cyberattackers are launching attacks in Rust programming language, ET CISO

Cyberattackers are launching attacks in Rust programming language, ET CISO

<p>There were 2.8 million Rust developers worldwide in 2023.</p>
There were 2.8 million Rust developers worldwide in 2023.

Cyberattackers have a new exploitation tool Rust programming language. Popular ransomware and malware families on the dark web such as BlackCat (ALPHV), Hive, Luna, RansomExx, and Agenda are increasingly launching attacks coded in Rust language which are evading traditional threat detection solutions and are difficult for cybersecurity professionals to reverse engineer. Nearly 10-15% of ransomware attacks today are estimated to be coded using Rust.

What is Rust language?

Founded in 2015, Rust is a powerful coding language released by the Rust Foundation and backed by five companies – AWS, Huawei, Google, Microsoft, and Mozilla. According to Stack Overflow’s annual developer survey 2023, Rust has been “the most desired programming language” for eight years in a row with more than 80% of developers wanting to use it.

According to SlashData, there were about 2.8 million Rust developers worldwide in 2023, with a threefold jump in numbers over the past two years.

What makes it so popular?

GitHub attributes Rust’s popularity to “safety, performance, and productivity” over other coding languages such as C, C++, Python, and JavaScript. Sanjay Katkar, joint managing director at Quick Heal Technologies, said Rust’s most crucial advantage is memory safety which prevents buffer overflows. It also offers concurrency as well as zero-cost abstractions, allowing developers to write efficient and thread-safe code, he said.

Why do cyber attackers use Rust?

“Rust compilers make it very complex to reverse engineer any kind of a malicious binary that has been coded,” said Anshuman Sharma, director, cybersecurity consulting services at Verizon Business. “The detection or doing the autopsy of a malicious binary becomes complex and time-consuming.”

Predator group Luna, for instance, is using two encryption algorithms within the same malware, Daffy Hellman and AES encryption, which has not been seen before. “This makes it complex for generally used debuggers and disassemblers to reverse engineer and see what the code is doing,” Sharma said.

“Cybersecurity researchers have uncovered various instances of Rust-based malware, including remote access trojans targeting Windows systems, backdoors with cross-platform capabilities, etc.,” said Vaibhav Tare, chief information security officer, Fulcrum Digital.

One example, he said, is Rust-based threats like Rustruck, a wiper malware capable of destroying data on compromised systems, “showcasing the language’s potential for cybercriminal abuse”.

“The absence of memory leaks or crashes ensures that the ransomware remains persistent and effective, making it harder for detection and removal by security tools,” said Quick Heal’s Katkar.

What can security professionals do?

As traditional defense mechanisms struggle to detect and mitigate threats built with modern programming languages, organizations need to invest “in advanced threat detection techniques, threat intelligence sharing, and collaboration among security researchers”, said Katkar. Next-gen anti-malware systems can detect and suppress “even the most well-obfuscated pieces of malware – regardless of the programming language used,” said Aaron Bugal, field chief technology officer – APJ, Sophos.

  • Published On May 30, 2024 at 08:53 AM IST

Join the community of 2M+ industry professionals

Subscribe to our newsletter to get latest insights & analysis.

Download ETCISO App

  • Get Realtime updates
  • Save your favourite articles


Scan to download App

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

 

 

 

 

 

 

 

 

 

 

 

 

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 95 8290 7788 | Support Number : +91 94 8585 7788
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket