Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
What is said to be the first trojan targeting the Python programming language has been discovered.
The Trojan, Python.Pytroj, infected .pyc Python files with arbitrary code and was discovered in a proof of concept form by Symantec researchers.
It was not considered a "serious risk", researcher Stephen Doherty said.
The virus when executed scans and infects any .pyc Python files it found. and displays the message "you have been exploited".
The malware worked by interleaving viral code into binary code, deserialised and disassembled by the marshal module of Python.
The module then reassembled and serialised the infected code.
"The malicious code in the binary is not simply added or inserted, but interleaved into the existing binary," Doherty said.
He said the Python attack vector could become a threat if it was used with dangerous payloads.
Symantec has a detailed analysis on its blog.
Copyright © SC Magazine, Australia
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.