[DownGoat]

The most popular nim repository on Github except nim-lang itself is OffensiveNim which basically is a collection implementation of malware features in nim. It's a very popular language for red teamers. This has nothing to do with signed binaries.

[drewbitt]

So what’s the reason for Go? It too is eloquent enough to be able to write malware?

[piffey]

Golang binaries are had to analyze (or rather were, new tooling, etc). Assume vendors and automation are 5 years behind everyone else actually doing malware analysis by hand. Most of this blocking is probably running off of signatures and not behavior.