Attacks on Bytecode Interpreters Conceal Malicious Injection Activity (Dark Reading)

By injecting malicious bytecode into interpreters for VBScript, Python, and Lua, researchers found they can circumvent malicious code detection.

August 7, 2024

Bytecode attacks are not necessarily new, but they are relatively novel. In 2018, a group of researchers from the University of California at Irvine (including Distinguished Professor of Computer Science Michael Franz) published a paper, “Bytecode Corruption Attacks Are Real — And How to Defend Against Them,” introducing bytecode attacks and defenses. Last year, the administrators of the Python Package Index (PyPI) removed a malicious package, known as fshec2, which escaped initial detection because all its malicious code was compiled as bytecode. Python compiles its bytecode into PYC files, which can be executed by the Python interpreter.

Read the full article in Dark Reading.

Related Posts

Accessibility Advocate (UCI News)

Building a Novel AI System for Personalized Sustainability Education

UCI Team Collaborates on $15M Grant to Secure Cyber-Physical Systems

A Time to Reconnect & Network: Information Systems Group Reunion

In Memoriam: Fred Tonge, Professor Emeritus and Founding Member of ICS

Data Science Students Win American Statistical Association Award