Python Package Installation Can Trigger Malicious Code


Python Package Installation Can Trigger Malicious Code

Python is an interpreted high-level programming language for general-purpose programming. Created by Guido van Rossum and first released in 1991, Python has a design philosophy that emphasizes code readability, notably using significant whitespace. It provides constructs that enable clear programming on both small and large scales. In July 2018, Van Rossum stepped down as the leader in the language community after 30 years.

Python features a dynamic type system and automatic memory management. It supports multiple programming paradigms, including object-oriented, imperative, functional and procedural, and has a large and comprehensive standard library.

Although there is nothing special about code executing on a machine, the moment when this code is executed is a significant detail from a security standpoint.

The Python programming language allows you to install packages that can be included in your programs to extend their functionality. When your program is executed, the code in the packages will be executed as would be expected. A less known ability, though, is that code can also be executed as part of the installation of the package itself.

A researcher going by the handle mschwager on GitHub demonstrated an attack method that abuses the ‘’ file in Python modules to perform code execution when the package is installed.

Using this method an attacker could place malicious code inside a package that could execute with root privileges, although not all of packages require this level of permission.






Installation file allows sneaky malware deployment

Python modules are typically installed using a package manager called ‘pip’, which launches a ‘’ file that is made available by the developer of the package for installation purposes. This file usually receives little attention since it is present only to help the user add a module to their machine.

When it comes to modules or packages, though, people tend to examine them more thoroughly as this is the code that will be imported and run within a program. Thus they are more prone to having the code inspected and malicious code spotted.






Malicious modules in official Python repository

Malicious libraries are not uncommon in package repositories. Last year, researchers discovered ten of them in PyPi, the official third-party store for Python programming language.

The malicious developers uploaded their libraries with names that resembled those of legitimate modules, thus tricking users into downloading them.

Obviously, the attack worked because users believed the name of the package was correct and did not bother to go through the code or check the spelling. Uploading malicious content was possible because the repository lacked security checks and screenings of the content added to its index.






Highest Selling Technical Courses of Indian Cyber Security Solutions:

Certified Ethical Hacker Training in Bhubaneswar

Ethical Hacking Training in Bhubaneswar

Certified Ethical Hacker Training in Bangalore

Ethical Hacking Training in Bangalore

Certified Ethical Hacker Training in Hyderabad

Ethical Hacking Training in Hyderabad

Microsoft Azure Training in Hyderabad

Microsoft Azure Training in Bangalore

Microsoft Azure Training in Bhubaneswar

Networking Training in Bangalore

Networking Training in Hyderabad

Networking Training in Bhubaneswar

Amazon Web Services Training in Hyderabad

Amazon Web Services Training in Bangalore

Amazon Web Services Training in Bhubaneswar

Certified Ethical Hacker Certification – C | EH v10

Computer Forensic Training in Kolkata

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Testing training

Ethical Hacking  training

Internet Of Things Training

Internet Of Things Training Hyderabad

Internet Of Things Training in Bhubaneswar

Internet Of Things Training in Bangalore

Embedded System Training

Digital Marketing Training

Machine Learning Training

Android Training in Bangalore

Android Training in Hyderabad

Android Training in Bhubaneswar

Diploma in Network Security Training

Android Development  training

Secured Coding in Java

Certified Network Penetration Tester 

Diploma in Web Application Security 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 


Cybersecurity services that can protect your company:

Web Security | Web Penetration Testing

Web Penetration Testing Company in Bangalore

Network Penetration Testing – NPT

Network Penetration Testing Service in Bangalore

Android App Penetration Testing

Source Web Development

Source Code Review

Android App Development

Digital Marketing Consultancy

Data Recovery


Other Location for Online Courses: