A forum for reverse engineering, OS internals and malware analysis 

 #29255  by EP_X0FF
 Wed Sep 21, 2016 8:11 am
Tula33923 wrote:no one has code to just copy and paste?
One of the reasons; however, I can tell that for years GitHub has been full of projects that can be used in malware, making it what is now called "APT". They don't use it or use it in an idiotic way (patchwork "apt"). The malware industry is quite inertial. I would say the Windows malware "golden age" (2003-2013) is over and all that is left is primitive encoding shit as the top of Windows malware evolution. Windows XP is dead and more platforms are available on the market, so why really bother inventing something new in Windows if you have solutions working well already? Russian "darknet" is a fiction created by MSM. Most of it is primitive script-kiddie marketplaces with idiots copy-pasting and selling exploit.db/github/zeus/carberp/alureon code. Yeah, it is more "advanced" than hackforums but really has nothing to do with innovations.
Tula33923 wrote:Javascript loaders only download the malware via whatever exploit but Javascript is not the main malware programming language.
RAA ransomware is pure JavaScript. And it doesn't matter, because the loader is malware no less than what it downloads.
 #29494  by Brock
 Sun Oct 30, 2016 8:54 pm
Go language will likely be more popularized among the malware community due to Mirai botnet source code being released recently. IMHO from dabbling with this language I'd say Mozilla Rust > Google's Go language in terms of overall ability to be labeled a "Systems Level" language. In the end, I'll stick to pure C though.
 #29497  by Brock
 Tue Nov 01, 2016 7:43 pm
Hi EP_X0FF,

I never underestimate the level of idiocy possessed by a skiddie when malicious projects are open-sourced. Take for example the UACMe you share on this forum, is it not being used elsewhere and for malicious purposes? Likely with few or even NO modifications to it? Why adapt to a new language when you don't have to? Skiddies would rather copy + paste another's work and rebrand it as something "new" leaving the original program design, logic and language use intact. On that note, I do believe that Google's Golang is appealing to these types of script kiddies because it's fairly powerful as a systems level language, syntactically simple and works on 7 different architectures out-of-the-box, allowing it to be portable and deployed on virtually any other platform.

Do I see "Go" ever taking over as the goto language for malware creation? :lol: No, I am not delusional. My initial and only point is that it "may" or "likely may" encourage skiddies to learn more about Go at least now that they've seen highly successful attacks on DynDNS driven sites as well as some servers based in France that have "reported" attacks which at their peak were ~1.5 tbps etc. due to Mirai and likely other variants created as I post this will follow suit. Prior to this the last fairly publicized malware using Go dates back to 2012??? since the language itself is not popular by any means within the malware industry and still under the radar of most security researchers. If more of these crapware projects are open-sourced I believe over time it will be more widely used within the malware realm but perhaps no time soon, really. Only time will tell of course. I think the language is shit myself but this is just my personal opinion. Good day
 #29501  by MalwareTech
 Thu Nov 03, 2016 10:27 am
Brock wrote:Hi EP_X0FF,

I never underestimate the level of idiocy possessed by a skiddie when malicious projects are open-sourced. Take for example the UACMe you share on this forum, is it not being used elsewhere and for malicious purposes? Likely with few or even NO modifications to it? Why adapt to a new language when you don't have to? Skiddies would rather copy + paste another's work and rebrand it as something "new" leaving the original program design, logic and language use intact. On that note, I do believe that Google's Golang is appealing to these types of script kiddies because it's fairly powerful as a systems level language, syntactically simple and works on 7 different architectures out-of-the-box, allowing it to be portable and deployed on virtually any other platform.

Do I see "Go" ever taking over as the goto language for malware creation? :lol: No, I am not delusional. My initial and only point is that it "may" or "likely may" encourage skiddies to learn more about Go at least now that they've seen highly successful attacks on DynDNS driven sites as well as some servers based in France that have "reported" attacks which at their peak were ~1.5 tbps etc. due to Mirai and likely other variants created as I post this will follow suit. Prior to this the last fairly publicized malware using Go dates back to 2012??? since the language itself is not popular by any means within the malware industry and still under the radar of most security researchers. If more of these crapware projects are open-sourced I believe over time it will be more widely used within the malware realm but perhaps no time soon, really. Only time will tell of course. I think the language is shit myself but this is just my personal opinion. Good day
Mirai is not written in Go, it's C.
 #29504  by Brock
 Thu Nov 03, 2016 11:38 am
Not arguing semantics here, the C&C part is still a portion of the malware itself, since it needs it to function. Arguing intrinsics is pointless.
 #29550  by Voltron
 Mon Nov 14, 2016 7:39 am
As has been said, the main reasons are probably:

1. Code reuse (much of the code that has already been leaked and is ready to be weaponized is written in C/C++).
2. Due to its easy deployment. Closer to byte code --> fewer problems.