A fair amount of actual malware is written in Go. One important reasons is probably because being statically compiled by default simplifies the whole deployment story, which matters even more for malware than many other things.
Go binaries share a lot of the same code: the Go runtime, stdlib. And the heuristics malware scanners use seem to have trouble with that.
Or at least: that's always been my assumption why so many legit Go binaries get flagged, but I don't really work in this space so what do I know...
Go binaries share a lot of the same code: the Go runtime, stdlib. And the heuristics malware scanners use seem to have trouble with that.
Or at least: that's always been my assumption why so many legit Go binaries get flagged, but I don't really work in this space so what do I know...