RIFT - New Open-Source Tool From Microsoft to Analyze Malware Hidden Within Rust Binaries

By open-sourcing RIFT, Microsoft aims to strengthen global cybersecurity defenses against the rising threat of Rust-based malware, providing the security community with essential tools to combat increasingly sophisticated cyber threats. The RIFT Static Analyzer serves as an IDA Pro plugin that extracts critical metadata including the Rust compiler commit hash, embedded dependencies, target architecture, and operating system information from binary files. Unlike traditional programming languages, Rust binaries are typically statically linked, incorporating extensive library code that can bloat executables to over 3MB while containing nearly 10,000 functions, compared to C++ programs with fewer than 100 functions and sizes under 20KB. The tool successfully distinguishes between attacker-written code and standard library functions, allowing analysts to focus on malicious logic rather than spending time identifying benign library code. Rust binaries have 10,000+ functions, making traditional malware analysis difficult. The RIFT Diff Applier provides analysts with an interactive interface for applying binary diffing results, operating in both interactive and auto-rename modes with configurable similarity thresholds. RIFT - Microsoft's open-source tool to analyze Rust-based malware like BlackCat and Hive ransomware.

This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 30 Jun 2025 15:30:15 +0000

Cyber News related to RIFT - New Open-Source Tool From Microsoft to Analyze Malware Hidden Within Rust Binaries

RIFT - New Open-Source Tool From Microsoft to Analyze Malware Hidden Within Rust Binaries - By open-sourcing RIFT, Microsoft aims to strengthen global cybersecurity defenses against the rising threat of Rust-based malware, providing the security community with essential tools to combat increasingly sophisticated cyber threats. The RIFT ...
2 hours ago Cybersecuritynews.com

FLOSS for Gophers and Crabs: Extracting Strings from Go and Rust Executables - To support the static analysis of Go and Rust executables, FLOSS now extracts program strings using enhanced algorithms. Where traditional extraction algorithms provide compound and confusing string output FLOSS recovers the individual Go and Rust ...
1 year ago Mandiant.com

Top 10 Best Dynamic Malware Analysis Tools in 2025 - FireEye Malware AnalysisEnterprise-grade solution, zero-day detection, integration with threat intelligence, memory forensics.Enterprise-grade malware detection and forensicsPricing details not publicly available; contact for quote.Yes6. Detux ...
4 months ago Cybersecuritynews.com

How to Extract Malware Configurations in a Sandbox - The most sought-after source of these indicators is malware configurations. Malware Sandboxing Leader ANY.RUN handles the heavy lifting of phishing and malware analysis for SOC and DFIR teams and also helps 300,000 professionals use the platform to ...
1 year ago Gbhackers.com

PixPirate: The Brazilian financial malware you can't see, part one - The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan malware that heavily utilizes anti-research techniques. Within IBM Trusteer, we saw several different ...
1 year ago Securityintelligence.com

New Linux Kernel Code Written In Rust To Eliminate Memory Safety Bugs - Since Rust was officially merged into the Linux kernel in October 2022, development teams have been steadily working to implement Rust-based drivers and components that inherently prevent common memory-related security issues. The Linux kernel has ...
3 months ago Cybersecuritynews.com

Critical Rust Flaw Poses Exploit Threat in Specific Windows Use Cases - The Rust Project has issued an update for its standard library, after a vulnerability researcher discovered a specific function used to execute batch files on Windows systems could be exploited using an injection flaw. The set of common functions ...
1 year ago Darkreading.com CVE-2024-24576

Open Source Password Managers: Overview, Pros & Cons - There are many proprietary password managers on the market for those who want an out-of-the box solution, and then there are open source password managers for those wanting a more customizable option. In this article, we explain how open source ...
1 year ago Techrepublic.com

Are the Fears About the EU Cyber Resilience Act Justified? - On Wednesday, July 19, the European Parliament voted in favor of a major new legal framework regarding cybersecurity: the Cyber Resilience Act. The act enters murky waters when it comes to open-source software. It typically accounts for 70% to 90% of ...
1 year ago Feeds.dzone.com

Are the Fears about the EU Cyber Resilience Act Justified? - "The draft cyber resilience act approved by the Industry, Research and Energy Committee aims to ensure that products with digital features, e.g. phones or toys, are secure to use, resilient against cyber threats and provide enough information about ...
1 year ago Securityboulevard.com

Microsoft Incident Response lessons on preventing cloud identity compromise - Microsoft Incident Response is often engaged in cases where organizations have lost control of their Microsoft Entra ID tenant, due to a combination of misconfiguration, administrative oversight, exclusions to security policies, or insufficient ...
1 year ago Microsoft.com

GoResolver - A New Tool to Analyze Golang Malware - Security researchers consistently encounter malicious binaries written in Golang that deliberately employ obfuscation tools like Garble to hinder analysis. The tool represents a significant advancement in the ongoing arms race between malware ...
2 months ago Cybersecuritynews.com

How to Remove Malware + Viruses - Malware removal can seem daunting after your device is infected with a virus, but with a careful and rapid response, removing a virus or malware program can be easier than you think. We created a guide that explains exactly how to rid your Mac or PC ...
1 year ago Pandasecurity.com

Types of Malware and How To Prevent Them - Malware is one of the biggest security threats to any type of technological device, and each type of malware uses unique tactics for successful invasions. Even if you've downloaded a VPN for internet browsing, our in-depth guide discusses the 14 ...
1 year ago Pandasecurity.com

Top 30 Best Penetration Testing Tools - 2025 - The tool supports various protocols and offers advanced filtering and analysis capabilities, making it ideal for diagnosing network issues, investigating security incidents, and understanding complex network interactions during penetration testing. ...
2 months ago Cybersecuritynews.com

CVE Prioritizer: Open-source tool to prioritize vulnerability patching - CVE Prioritizer is an open-source tool designed to assist in prioritizing the patching of vulnerabilities. It integrates data from CVSS, EPSS, and CISA's KEV catalog to offer insights into the probability of exploitation and the potential effects of ...
1 year ago Helpnetsecurity.com

Lazarus Group bang on trend with memory-safe Dlang malware The Register - Research into Lazarus Group's attacks using Log4Shell has revealed novel malware strains written in an atypical programming language. DLang is among the newer breed of memory-safe languages being endorsed by Western security agencies over the past ...
1 year ago Go.theregister.com Andariel Lazarus Group

Google Contributes $1 Million to Rust, Says It Prevented Hundreds of Android Vulnerabilities - Google today announced a grant of $1 million to the Rust Foundation, meant to help improve the interoperability between Rust and C++ code. The internet giant joined the Rust Foundation in 2021, for the same reason, and has adopted the memory-safe ...
1 year ago Securityweek.com

Any.RUN Sandbox Now Expanded to Analyze Linux Malware - The ANY.RUN sandbox has now been updated with support for Linux, further enhancing its ability to provide an isolated and secure environment for malware analysis and threat hunting. ANY.RUN allows malware analysts, SOC members, and DFIR team members ...
1 year ago Gbhackers.com

Researchers Compared Malware Development in Rust vs C & C++ Languages - A comprehensive analysis conducted in 2023 by the Rochester Institute of Technology aimed to assess whether malware developed in Rust truly presents greater challenges to security analysts than traditional C/C++ implementations. The investigation ...
3 months ago Cybersecuritynews.com

15 PostgreSQL Monitoring Tools - 2025 - What is Good?What Could Be Better?Monitoring application performance, user experience, and errors.Some users find the pricing high, especially for larger environments.Continuous server, database, and infrastructure monitoring.The extensive feature ...
1 month ago Cybersecuritynews.com

Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
1 year ago Cybersecurity-insiders.com