Go Malware Meets IoT - Challenges, Blind Spots, and Botnets
Asher Davila
DEF CON 33 · Day 1 · Main Stage
This talk, presented by Asher Davila and Chris from Palaton Networks, delves into the growing trend of malware written in Google's Go programming language, specifically focusing on its impact on **Internet of Things (IoT)** devices. The speakers illuminate the unique challenges Go presents to malware analysts and reverse engineers, from its characteristic large, statically-compiled binaries to its distinct string handling and compilation artifacts. The presentation aims to equip the security community with an understanding of Go malware’s intricacies and to highlight effective strategies and tools, including the burgeoning role of **AI-assisted analysis**, for dissecting these sophisticated threats.
AI review
Competent, well-structured survey of Go malware analysis tradecraft with three real samples and live tooling demos. Nothing here breaks new ground — the Go binary analysis challenges (static linking, string structs, PC line table) are documented territory, and the AI-assisted analysis angle is more 'we tested these tools' than 'we discovered something novel about them.' Fills a slot fine for practitioners who haven't done Go RE before.