[SANS ISC] No Python Interpreter? This Simple RAT Installs Its Own Copy

I published the following diary on isc.sans.edu: “No Python Interpreter? This Simple RAT Installs Its Own Copy”:

For a while, I have been keeping an eye on malicious Python code targeting Windows environments. While Python looks more and more popular, attackers are facing a major issue: Python is not installed by default on most Windows operating systems. Python is often available on the computers of developers, system/network administrators, or security teams. As the proverb says: “You are never better served than by yourself”. I found a simple Python backdoor that installs its own copy of the Python interpreter…

The post [SANS ISC] No Python Interpreter? This Simple RAT Installs Its Own Copy appeared first on /dev/random.

Article Link: https://blog.rootshell.be/2021/04/09/sans-isc-no-python-interpreter-this-simple-rat-installs-its-own-copy/