Python Popular With Hackers
Written by Janet Swift   
Wednesday, 03 October 2018

The latest news of Python's popularity comes from a cyber security software and services company which provides protection to enterprise data and application software. Imperva reports that around 77 percent of all the sites it protects have been attacked by at least one Python-based tool.


Python's popularity is a recurring theme on I Programmer and if you want a reminder or recap see Python - The Future Of Programming? and Python's Unstoppable Rise.

Now the Imperva threat research team has investigated how popular Python is among "bad actors". Looking first at GitHub, Johnathan Azaria, Ori Nakar and Edi Kogan estimated that:

more than 20% of GitHub repositories that implement an attack tool / exploit PoC are written in Python.

Turning to its own data, specifically security incidents but excluding vulnerability scanners, the Imperva team found that the largest group of clients identified (25%) were based on Python, making it the most common vector for launching exploit attempts.


Examining the use of Python in daily attacks against the sites it protects over a period of 80 days, Imperva found that up to 77% of them were attacked by a Python-based tool.

The researchers noted that the two most popular Python modules used for web attacks are Python Requests (89%) and Urllib (11%). They comment:

Use of the new module, Async IO, is just kicking off, which makes perfect sense when you consider the vast possibilities the library offers in the field of layer 7 DDoS; especially when using a “Spray N’ Pray” technique.

Noting that the number of CVEs (Common Vulnerabilities and Exposures) has increased steeply since 2013, the researchers comment:

The advantages of Python as a coding language make it a popular tool for implementing known exploits. 

Looking for the most popular targets for exploits, they found that attacks aimed at Struts, Joomla, WordPress and Drupal were the most common.

In terms of how to respond, the advice from Imperva is:

Unless you can differentiate between requests from Python-based tools and any other tool ... make sure to keep security in mind when developing, keep your system up to date with patches, and refrain from any practice that is considered insecure.
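A defender-side sketch of the differentiation this advice refers to, added here as an example (not code from Imperva or from this article): it tallies access-log requests whose User-Agent matches the defaults sent by the Requests and Urllib modules named above. The aiohttp pattern standing in for asyncio-based tools, the function names and the sample log are assumptions; a client can set any User-Agent, so this counts only tools left at their defaults.

```python
import re
from collections import Counter

# Default User-Agent formats of common Python HTTP clients. aiohttp stands in
# for asyncio-based tools (assumption: asyncio itself ships no HTTP client).
PYTHON_CLIENTS = [
    ("requests", re.compile(r"^python-requests/")),
    ("urllib", re.compile(r"^Python-urllib/")),
    ("aiohttp", re.compile(r"^Python/\S+ aiohttp/")),
]

# Combined Log Format: ip ident user [time] "request" status size "referer" "user-agent"
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$')

# Constructed sample log (documentation IP ranges), not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [03/Oct/2018:10:00:01 +0000] "GET / HTTP/1.1" 200 512 "-" "python-requests/2.19.1"
203.0.113.7 - - [03/Oct/2018:10:00:02 +0000] "GET /login HTTP/1.1" 404 162 "-" "python-requests/2.19.1"
198.51.100.23 - - [03/Oct/2018:10:00:05 +0000] "GET / HTTP/1.1" 200 1024 "-" "Mozilla/5.0 (X11; Linux x86_64)"
192.0.2.44 - - [03/Oct/2018:10:01:10 +0000] "GET /robots.txt HTTP/1.1" 200 64 "-" "Python-urllib/3.6"
192.0.2.90 - - [03/Oct/2018:10:02:30 +0000] "GET / HTTP/1.1" 200 1024 "-" "Python/3.7 aiohttp/3.4.4"
this line is not a valid log entry
"""

def classify(user_agent):
    """Return the Python library name for a default User-Agent, else None."""
    for name, pattern in PYTHON_CLIENTS:
        if pattern.match(user_agent):
            return name
    return None

def summarize(log_text):
    """Count requests per Python library and collect the source IPs using them."""
    by_library, python_ips, parsed, skipped = Counter(), set(), 0, 0
    for line in log_text.splitlines():
        m = LOG_RE.match(line.strip())
        if not m:
            skipped += 1  # malformed line: count it rather than guess at fields
            continue
        parsed += 1
        library = classify(m.group("ua"))
        if library:
            by_library[library] += 1
            python_ips.add(m.group("ip"))
    share = sum(by_library.values()) / parsed if parsed else 0.0
    return {"parsed": parsed, "skipped": skipped, "by_library": dict(by_library),
            "python_share": round(share, 3), "python_ips": sorted(python_ips)}

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```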

 

More Information

The World’s Most Popular Coding Language Happens to be Most Hackers’ Weapon of Choice

 

Related Articles

Python's Unstoppable Rise

Python The Future Of Programming?

Guido van Rossum Quits As Python BDFL

Python 3.7 Released

Python Development Trends

What Makes Python Special?

Python 3 For Science - A Survey

Jupyter Receives ACM Award

Free Version of PyCharm Python IDE

Getting Started with Python (Draft book extract from Programmer's Python)


Last Updated ( Wednesday, 03 October 2018 )