Jump to content

Is malware like Buer/RustyBuer written in Rust now detected in Emisoft?


Recommended Posts

The original Buer was written in C programming language, while the new variant is written in Rust programming language – leading researchers to name the new variant RustyBuer. "Rewriting the malware in Rust enables the threat actor to better evade existing Buer detection capabilities," said Proofpoint.  

 

[todays article on ZDnet.com ]

 

ErnieB

Link to post
Share on other sites

A change of programming language would more than likely invalidate any existing signatures. That just means we write new signatures for the newer variants that are not detected, and if someone happens to stumble upon any newer variants in the wild that Emsisoft Anti-Malware is not yet able to detect with signatures then the Behavior Blocker should quarantine any unknown programs or scripts that attempt to do anything potentially malicious.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...