

Crafting malware with modern metals. [Research Saturday]
Apr 19, 2025
Join Nick Cerne, a Security Consultant from Bishop Fox with expertise in offensive security and malware development, as he dives into the fascinating realm of Rust in malware creation. He discusses how Rust's memory safety and anti-analysis features can enhance evasion tactics compared to traditional languages like C. Listeners will learn about the challenges of modern malware analysis and how evolving programming languages impact both malware development and cybersecurity defenses. Nick’s insights into realistic adversarial simulation are both enlightening and alarming!
Rust's Memory Management Complexity
- Rust's memory management via ownership complicates decompilation into pseudocode familiar to reverse engineers.
- Existing tools like Ghidra and IDA Pro struggle to translate Rust binaries into clear C-like code, hindering reverse engineering.
Challenges in Detecting Rust Malware
- Dedicated malware reverse engineers can understand malware regardless of programming language.
- Endpoint detection tools may struggle more with Rust malware, depending on their sophistication level.
Rust Ownership Hurdle for Malware Authors
- Learning Rust's ownership model is the biggest hurdle for malware authors moving from C.
- Once understood, malware developers can adopt Rust without much difficulty.