All-Python malware nasty bites Windows victims in Poland

19 April 2016
Comments Comments Off on All-Python malware nasty bites Windows victims in Poland
19 April 2016, Comments Comments Off on All-Python malware nasty bites Windows victims in Poland

All-Python malware nasty bites Windows victims in Poland

typewriter_wtf_648

Malware authors have put together a strain of malicious code written entirely in Python, in what may turn out to be an experiment in creating a new type of cross-platform nasty.

PWOBot is written entirely in Python, and compiled via PyInstaller to generate a Microsoft Windows executable.

The malware has already infected a number of Europe-based organisations, particularly in Poland, according to new research.

Distribution routes include the popular Polish file-sharing web service chomikuj.pl. Victims include a Polish national research institution, a Polish shipping company, a large Polish retailer, a Polish information technology organisation, a Danish building company and a French optical equipment provider.

“The malware itself provides a wealth of functionality, including the ability to download and execute files, execute Python code, log keystrokes, spawn a HTTP server, and mine Bitcoins via the victim’s CPUs and GPUs, according to security researchers at Palo Alto Networks.

The underlying code is cross-platform, so the nasty might easily be ported over to the Linux and OS X operating systems. That fact, coupled with a modular design, makes PWOBot a potentially significant threat.

More details on the nasty – including code extracts and other insights – can be found in a blog post by Palo Alto here.

[Source: The Register]

What next?

To find out more about how our Computer Healthcheck service could help keep your computers secure, please contact us today or call 01793 295000 to speak to a member of our team.

 

Comments are closed.

Bitnami