"Gophering": How to Catch Cyber Gophers, Not the Bill Murray Way

“Gophering”—How to Catch Cyber Gophers, Not the Bill Murray Way: Detect ‘19 Series


Go is a programming language that was developed inside Google in 2007 with an increased adoption rate each year. It was developed for the 21st century with a focus on simplicity and readability. Go also has a well-designed concurrency model and support for cross-compilation which can be useful features for malware authors.

Until recently, there has only been a handful of new malware written in Go and found in the wild each year. In the last couple of months, there has been a noticeable uptick in its use amongst threat actors, even Advanced Persistent Threat (APT) actors are using the language.

The purpose of this presentation is to introduce the nuances of Go binaries and show how a statically compiled and stripped monolith with over 6000 subroutines can be reduced down to the actual important code.

Watch the on-demand webcast led by Joakim Kennedy, Threat Intel Manager at Anomali, today.

View Now!

NOTE: A valid email address is required to receive your requested asset.