SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers

SentinelOne & Intezer join forces to tackle Rust malware

Thu, 8th Aug 2024

SentinelOne and Intezer have announced a collaborative effort to address the challenges posed by Rust malware. The aim of the project is to help threat researchers better understand and accurately characterize the complex malware ecosystem associated with the Rust programming language.

The initiative was revealed during the Black Hat 2024 conference. Researchers from SentinelLabs, the research division of SentinelOne, and Intezer will develop methodologies and open-source tools to aid in the reverse engineering of Rust malware. The project, named 0xA11C, seeks to make reverse engineering more approachable for cybersecurity professionals.

Juan Andrés Guerrero-Saade, AVP of Research at SentinelLabs, commented on the challenges associated with reverse engineering Rust malware. “In malware analysis, the arrival of a new programming language introduces an entirely new set of challenges that obstruct our ability to quickly grasp the malicious intent of a threat actor,” he said. “With the current state of our tooling, Rust is practically impossible to reverse engineer, and as a result, many analysts are shying away from researching the Rust malware ecosystem. Together with Intezer, we aim to change this.”

SentinelLabs has previously tackled the complexities of another programming language, Go, through a methodology dubbed AlphaGolang. This approach addressed the rise in Go malware by putting underlying data back in its context, making it easier to reverse engineer than traditional programming languages.

Nicole Fishbein, a Security Researcher at Intezer, described some of the distinctive features of Rust that contribute to its complexity. “The same features of Rust that engineers love, such as memory safety, aggressive compiler optimisations, borrowing, intricate types and traits, translate into a perplexing tangle of code that surpasses even C++ in the complexity of its abstractions,” she said. Fishbein added that insights from the development of AlphaGolang could provide additional clarity into the Rust malware ecosystem, and tools developed through Project 0xA11C would equip reverse engineers to tackle the issue head-on.

To learn more about and contribute to Project 0xA11C, researchers and interested parties are encouraged to visit SentinelOne's website for additional details. The collaborative effort between SentinelOne and Intezer aims to illuminate the blind spots surrounding Rust malware, allowing the cybersecurity community to stay ahead of potential threats.
