? nim compiled and shelled

Moderator: BarryK

scsijon

? nim compiled and shelled

Post by scsijon »

I know from reading that the main use of nim is for compiled 'script', but I wonder if it would be possible to add it as a shell as well, such as ash, bash, etc, has in them. It would then enable it to be used while designing code or for short snippets where compiled code was unwarranted.

williams2

Re: ? nim compiled and shelled

Post by williams2 »

I know from reading that the main use of nim is for compiled 'script', but I wonder if it would be possible to add it as a shell as well, such as ash, bash, etc, has in them.

Are you aware of malware nim shells with backdoors?

A quick search for nim malware on duckduckgo:
Many of these web sites are hacker web sites (as in give us money to decrypt your files)

I have not included the web site urls, because I would expect hacker/cracker web sites to collect and attack ip addresses of your computers. I will not visit these web sites, knowingly.

I think this post should be erased soon, so that a search for nim and malware does NOT lead anyone here.

Investigation into the state of Nim malware
Nim Crypter. First we have possibly an adversary leveraging code from OffensiveNim to conceal an onboard encrypted binary, something we would normally refer to as a Crypter in the malware world ...

Investigation into the state of NIM malware Part 2
We did an investigation in the usage of NIM malware earlier in 2021[1] after the discovery of NimRod/Nimza[2,5] and RustyBuer[

Nim-Based Malware Loader Spreads Via Spear-Phishing Emails
The use of Nim is uncommon for malware in the threat landscape, except in rare cases, such as a Nim-based downloader recently seen being used by the Zebrocy threat group

Researchers Spotted Malware Written in Nim Programming Language
Cybersecurity researchers have unwrapped an "interesting email campaign" undertaken by a threat actor that has taken to distributing a new malware written in Nim programming language. Dubbed "NimzaLoader" by Proofpoint researchers, the development marks one of the rare instances of Nim malware discovered in the threat landscape. "Malware developers may choose to use a rare programming language ...

Chinese Hackers Distributing Nim language Malware in SMS
Cybersecurity researchers at Check Point have shared details of a new malware campaign suspected to be launched by a Chinese hacking group Tropic Trooper. The malware operators are using a unique loader Nimbda, written in Nim language, and a new variant of Yahoyah trojan. Researchers state that the hackers possess extensive cryptographic ...

TrickBot's BazarBackdoor malware is now coded in Nim to evade antivirus
TrickBot's stealthy BazarBackdoor malware has been rewritten in the Nim programming language, likely to evade detection by security software. The TrickBot ...

This malware was written in an unusual programming language to stop it ...
TA800 has often leveraged different and unique malware, and developers may choose to use a rare programming language like Nim to avoid detection, as reverse engineers may not be familiar with Nim ...

Chinese actor takes aim, armed with Nim Language and Bizarro AES
Malware authors, a superstitious and risk-averse lot, generally keep their distance from the primordial soup of programming languages trying to 'make it' in industry. We don't encounter many Haskell Banking Trojans or Prolog Ransomware binaries, and the same goes for Nim backdoors.

BarryK

Re: ? nim compiled and shelled

Post by BarryK »

nimscript:

https://nim-lang.org/docs/nims.html

But take note of williams2's warning.

scsijon

Re: ? nim compiled and shelled

Post by scsijon »

williams2 wrote: Mon Aug 29, 2022 8:18 am

I know from reading that the main use of nim is for compiled 'script', but I wonder if it would be possible to add it as a shell as well, such as ash, bash, etc, has in them.

Are you aware of malware nim shells with backdoors?

A quick search for nim malware on duckduckgo:
Many of these web sites are hacker web sites (as in give us money to decrypt your files)

I have not included the web site urls, because I would expect hacker/cracker web sites to collect and attack ip addresses of your computers. I will not visit these web sites, knowingly.

I think this post should be erased soon, so that a search for nim and malware does NOT lead anyone here.

Investigation into the state of Nim malware
Nim Crypter. First we have possibly an adversary leveraging code from OffensiveNim to conceal an onboard encrypted binary, something we would normally refer to as a Crypter in the malware world ...

Investigation into the state of NIM malware Part 2
We did an investigation in the usage of NIM malware earlier in 2021[1] after the discovery of NimRod/Nimza[2,5] and RustyBuer[

Nim-Based Malware Loader Spreads Via Spear-Phishing Emails
The use of Nim is uncommon for malware in the threat landscape, except in rare cases, such as a Nim-based downloader recently seen being used by the Zebrocy threat group

Researchers Spotted Malware Written in Nim Programming Language
Cybersecurity researchers have unwrapped an "interesting email campaign" undertaken by a threat actor that has taken to distributing a new malware written in Nim programming language. Dubbed "NimzaLoader" by Proofpoint researchers, the development marks one of the rare instances of Nim malware discovered in the threat landscape. "Malware developers may choose to use a rare programming language ...

Chinese Hackers Distributing Nim language Malware in SMS
Cybersecurity researchers at Check Point have shared details of a new malware campaign suspected to be launched by a Chinese hacking group Tropic Trooper. The malware operators are using a unique loader Nimbda, written in Nim language, and a new variant of Yahoyah trojan. Researchers state that the hackers possess extensive cryptographic ...

TrickBot's BazarBackdoor malware is now coded in Nim to evade antivirus
TrickBot's stealthy BazarBackdoor malware has been rewritten in the Nim programming language, likely to evade detection by security software. The TrickBot ...

This malware was written in an unusual programming language to stop it ...
TA800 has often leveraged different and unique malware, and developers may choose to use a rare programming language like Nim to avoid detection, as reverse engineers may not be familiar with Nim ...

Chinese actor takes aim, armed with Nim Language and Bizarro AES
Malware authors, a superstitious and risk-averse lot, generally keep their distance from the primordial soup of programming languages trying to 'make it' in industry. We don't encounter many Haskell Banking Trojans or Prolog Ransomware binaries, and the same goes for Nim backdoors.

UGG, I did a few hunts from a 'public terminal' and it was even worse. Sorry Barry, but this makes me worry if this is the way to go in EasyOS.
EDIT: Just found an article that 'appears' to refer to the ability to embed the malware into the binary compiler, so it is always added. Definitely not a good item.

BarryK

Re: ? nim compiled and shelled

Post by BarryK »

The potential problems are with nim script.

The nim compiler is like any other compiler, no more or less secure than any other.
