Overview
Watch a 42-minute conference talk from Ekoparty Security Conference that addresses the challenges of analyzing Rust-based malware and introduces Project 0xA11C (Oxalic). Learn how malware analysts face obstacles when new programming languages emerge, drawing parallels between Go and Rust adoption in malicious code. Explore how Rust's unique features like memory safety, compiler optimizations, and complex type systems create particularly challenging analysis scenarios. Discover a practical methodology and toolset for making Rust reverse-engineering more approachable, demonstrated through real-world analysis of APT malware examples including RustDown, RustBucket, and Spica. Gain insights into the growing Rust malware ecosystem and understand how this new approach helps overcome traditional analysis barriers that adversaries have exploited.
Syllabus
Project 0xA11C: Deoxidizing the Rust Malware Ecosystem - Fishbein & Guerrero-Saade - Ekoparty 2024
Taught by
Ekoparty Security Conference