Symantec Investigators Caution About Python Trojan
Researchers from the security company Symantec report a PC virus named Python.Pytroj, written in the Python programming language, that readily infects .pyc files, the Secfence blog reported during the second week of October 2011.
Python is a dynamic, general-purpose, multi-paradigm programming language.
Describing the infection, Symantec says the virus uses a fairly novel technique that security analysts should pay attention to. In the current instance, files with the .pyc suffix were used for the test, since these are the files produced when a .py program is run.
The test files were "a.pyc" and "exploit.pyc", generated from "a.py" and "exploit.py" when those files were run with the command "python -c". When "exploit.pyc", the file that does the actual damage, is run, a.pyc becomes infected through Python's marshal module, which is used to deserialize (unmarshal) the .pyc file. Once the malicious code has been injected, the file is serialized again with the same module.
The researchers also find this form of infection interesting because the malware is not merely injected; it is blended into the existing malicious binary.
Commenting on this feature of Python.Pytroj, Symantec security researcher Stephen Doherty stated that the virus's payload is not simply injected into the binary; rather, it is interspersed with the existing malicious binary. Crn.com.au reported this on October 12, 2011.
Doherty added that this Python attack vector could become dangerous if it were used together with harmful code.
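A defensive check for the marshal-based .pyc modification described above, given here as an added example that is not code from Symantec or from the original article: it recompiles the source and compares the result with the cached bytecode, because the interpreter validates only the .pyc header against the source and not the body. It assumes Python 3.7 or later (16-byte header); the file names and the functions `pyc_matches_source` and `demo` are illustrative.

```python
import importlib.util
import marshal
import py_compile
import tempfile
from pathlib import Path

HEADER_LEN = 16  # Python 3.7+: magic, flags, then mtime+size or source hash


def pyc_matches_source(pyc_path, src_path):
    """Return True only if the .pyc body is what src_path compiles to."""
    data = Path(pyc_path).read_bytes()
    if len(data) <= HEADER_LEN or data[:4] != importlib.util.MAGIC_NUMBER:
        return False  # truncated, or built by another interpreter version
    try:
        cached = marshal.loads(data[HEADER_LEN:])  # loads only, never executes
    except (ValueError, EOFError, TypeError):
        return False  # body is not a valid marshal stream
    fresh = compile(Path(src_path).read_bytes(), str(src_path), "exec",
                    dont_inherit=True)
    # Code objects compare by bytecode, constants, names and line info.
    return cached == fresh


def demo():
    """Constructed sample: a clean a.pyc, then one whose body was swapped."""
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp, "a.py")
        pyc = Path(tmp, "a.pyc")
        src.write_text("def greet():\n    return 'hello'\n")
        py_compile.compile(str(src), cfile=str(pyc), doraise=True)
        clean = pyc_matches_source(pyc, src)

        # Stand-in for a modified file: original header kept, body rebuilt
        # from different (harmless) source with the marshal module.
        header = pyc.read_bytes()[:HEADER_LEN]
        other = compile("def greet():\n    return 'changed'\n", str(src), "exec")
        pyc.write_bytes(header + marshal.dumps(other))
        modified = pyc_matches_source(pyc, src)
        return clean, modified


if __name__ == "__main__":
    print(demo())
```

The marshal documentation warns that the module is not hardened against malformed input, so run a check like this on suspect files in a disposable process.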
To remove the Python.Pytroj malware from affected PCs, Symantec outlines a few essential steps: open Windows Task Manager and end each of the virus's executable processes, then delete the related registry entries using Windows Registry Editor, and finally locate and delete every Python.Pytroj file on the PC.
» SPAMfighter News - 19-10-2011