Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
AppDefects
Community Champion
‎07-13-2020 05:20 PM
‎07-13-2020 05:20 PM

The Code is a Changin'

The vast majority of serious malware over the past 30 years has been written in Assembly and compiled languages such as C and C++ (sorry Cobol lovers you didn't make the list). Over the last decade we have seen the emergence of malware written in interpreted languages. Case in point: Python. Developing Python malware takes advantage of a massive ecosystem of open-source packages and repositories. Almost anything you could think of, someone has already built it using Python. This is a huge advantage to malware authors as simplistic capabilities can be picked à la carte from GitHub or other repo's. On top of that the portability of malicious Python code is exacerbated by the fact that you don't need an interpreter, native executable can be built on the fly.

 

Source: https://www.cyborgsecurity.com/python-malware-on-the-rise/Source: https://www.cyborgsecurity.com/python-malware-on-the-rise/

 

Reply
0 Kudos
4 Replies
JKWiniger
Community Champion
‎07-13-2020 06:59 PM
‎07-13-2020 06:59 PM

I would really have to disagree with these findings. Malware in general is trying to hit the most people as possible and the average person does not have a python interpreter installed. It seems like they could only target advanced users and developers which in most cases should have enough experience to see most malware coming...

 

Just my .02

 

John-

Reply
0 Kudos
AppDefects
Community Champion
‎07-13-2020 08:18 PM
‎07-13-2020 08:18 PM

One way of doing it is to bundle the Python interpreter, but you can just image how large a file that would be. Another simpler way is to just convert Python code and create Windows and/or Linux executable.

Reply
0 Kudos
JKWiniger
Community Champion
‎07-13-2020 08:55 PM
‎07-13-2020 08:55 PM

You can convert Python code into an executable?!? I did not know that. Learn something new every day!

 

John-

Reply
0 Kudos
Beads
Advocate I
‎07-14-2020 10:31 AM
‎07-14-2020 10:31 AM

You could if Pyinstaller or similar is on the machine but this quickly devolves into a "chicken before the egg" scenario. In order to create the executable you need control over the target first which negates the need to create the executable on the target.

 

I think what you are eluding to is to create the executable before sending it to the target otherwise your indicating taking over an already compromised target or intellectual sleight of hand.

 

- b/eads

Reply
0 Kudos