It seems that the GoLang programming language is very popular in malware generation software. This is mainly because it provides many benefits to Criminals, allowing them to invade unnoticed systems of their victims.
In July of 2019, a security researcher He discovered about 10.700 unique samples of malware, written in the Go programming language, also known as GoLang.
Why do hackers choose GoLang?
The features of this programming language give cybercriminals exactly what they want: to get into the systems they are targeting, without realizing it.
This language can create a single basic code for all major operating systems. The maliciously programs written in GoLang are large in size. This allows them to penetrate systems without being detected, as some antivirus programs cannot detect large files.
It also offers a rich "library ecosystem", which makes the process of creating malware quite smooth.
Recent use cases of this programming language
A trojan targeting e-commerce sites using brute force attacks was detected in February by 2019 and was written on GoLang.
The ransomware JCry, which had infected various systems as part of a coordinated cyberattack and targeted several Israeli sites, was also written in the same programming language.
Security researchers discovered in July, a cryptomining campaign that was spreading malicious GoLang software, targeting Linux servers.
Also in July, users in South Korea are hit by a campaign that transmits malicious software called GoBotKR, written in GoLang. It was spreading through torrent sites and allowed the attackers to remotely control an infected system.
Finally, the most recent case concerns the team Fancy Bear, which returned in September with an up-to-date malicious campaign. The updates include the payload written in the aforementioned language and the introduction of a new GoLang backdoor.
So it becomes clear that GoLang is gaining popularity among them hacker developing malware for cybercrime.