Brief History of the Go Language
Golang, an open-source programming language created by Google in 2009, continues to be a go-to language for malware authors. Although the language is about 10 years old, given the features it offers, the malware development community has been making use of it in recent times and the rate of use has been steadily on the rise.
It has been reported the number of malware strains coded in the Go programming language has seen a sharp increase of around 2,000% over the last few years since 2017.
Advantages of GoLang over Python:
Recent cases of Golang:
SUNSHUTTLE is written in GO and reads an embedded or local configuration file, communicates with a hard-coded command and control (C2) server over HTTPS and supports commands including remotely uploading its configuration, file upload and download, and arbitrary command execution. Notably, SUNSHUTTLE uses cookie headers to pass values to the C2, and if configured, can select referrers from a list of popular website URLs to help such network traffic “blend in.”
This Go malware comes in 32-bit and 64-bit variants as both ELF and PE files, allowing the threat actor to develop the malware once and deploy it to many different architectures. The malware builds a pipe-separated user parameters string based on the victim machine’s computer name, user domain, user name, and several hardcoded values in the malware, and stores it for use throughout the malware’s execution.
According to GitHub 2.0, Python and Go were identified among the top five languages of 2019. In July 2019, researchers confirmed nearly 10,700 samples of malware that were written in GoLang. Google-created language is gaining popularity and prominence among hackers and the malware development community and may overtake the use of Python.
Please check you Email Inbox
Subscribe now and receive weekly newsletter with educational materials, , interesting
upcoming free events, popular books and much more!