Expert Insight On Buer Malware Rewritten in Rust

By   ISBuzz Team
Writer , Information Security Buzz | May 04, 2021 04:02 am PST

BACKGROUND: 

Proofpoint Research has released findings of a new variant of the Buer malware loader distributed via emails masquerading as shipping notices. The new strain is rewritten in a coding language called Rust. Key findings include: malware written in Rust enables the threat actor to better evade existing Buer detection capabilities, as well as Proofpoint observing RustyBuer campaigns delivering Cobalt Strike Beacon as a second-stage payload in some campaigns. Saumitra Das of Blue Hexagon offers perspective.