Python is a hit with hackers, report finds

Imperva: Up to 77 percent of the sites we monitor were attacked by a Python-based tool.
Written by Catalin Cimpanu, Contributor

After breaking into the top three most popular programming languages for the first time this month, behind C and Java, Python has also won the hearts of hackers and web nasties, according to attack statistics published this week by web security biz Imperva.

The company says more than a third of daily attacks against sites the company protects come from a malicious or legitimate tool coded in Python.

Imperva says that around 77 percent of all the sites the company protects have been attacked by at least one Python-based tool.

Furthermore, when the company looked at the list of tools that hackers used for their attacks, more than a quarter were coded in Python, making it by far the attackers' favorite language.


Share of Python among the hacking tools detected by Imperva.

Image: Imperva

"Hackers, like developers, enjoy Python's advantages which makes it a popular hacking tool," the Imperva team says.

These advantages include an easy to pick up syntax, a breadth of online tutorials, and an extensive collection of libraries and other ready-made tools available in places like PyPI and GitHub.

In fact, many of the Python tools attackers use were originally written for legitimate apps, or by security researchers to test their own systems against known vulnerabilities.

But once these testing tools are published on GitHub, they are freely available to anyone, and hackers deploy them in ways other than those for which they were initially created.


Based on Imperva's data, the most abused legitimate Python tools are the "requests" and "urllib" libraries, the two HTTP client libraries found in countless legitimate Python programs. Both send a telltale default User-Agent header (python-requests/<version> and Python-urllib/<version>), which is why traffic from them is easy to attribute in web logs, at least when the operator does not bother to change it.

As for what hackers do with these tools, Imperva's crew says they are attempting to exploit known, already-patched vulnerabilities such as CVE-2017-9841 (PHPUnit), CVE-2015-8562 (Joomla), and CVE-2018-1000207 (MODX PHP CMS).
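Because the report attributes so much of the traffic to the default headers of requests and urllib, a web operator can get a rough picture of the same thing from their own access logs. The following is an added example, not code from the article or from Imperva: a small Python scanner that parses Apache/nginx Combined Log Format lines, flags requests whose User-Agent is one of the two libraries' defaults, and summarises them per library, per source address and per path. The log lines, IP addresses and paths are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample access log (Combined Log Format); not real traffic.
# Includes one malformed line to show that unparsable input is skipped.
SAMPLE_LOG = """\
203.0.113.5 - - [01/Sep/2018:10:00:01 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
198.51.100.7 - - [01/Sep/2018:10:00:02 +0000] "GET /administrator/ HTTP/1.1" 200 3344 "-" "python-requests/2.19.1"
198.51.100.7 - - [01/Sep/2018:10:00:03 +0000] "POST /wp-login.php HTTP/1.1" 403 512 "-" "python-requests/2.19.1"
192.0.2.44 - - [01/Sep/2018:10:00:04 +0000] "GET /robots.txt HTTP/1.1" 200 64 "-" "Python-urllib/3.6"
this line is not a valid log record
203.0.113.9 - - [01/Sep/2018:10:00:05 +0000] "GET /about HTTP/1.1" 200 2048 "-" "curl/7.58.0"
"""

# Combined Log Format:
#   ip ident user [time] "METHOD path HTTP/x" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Default User-Agent prefixes of the two libraries named in the report
# (requests sends "python-requests/x.y.z", urllib sends "Python-urllib/x.y").
# The header is client-controlled, so a match is evidence, not proof, and
# a non-match proves nothing at all.
PY_CLIENT_RE = re.compile(r'^python-(?P<lib>requests|urllib)/', re.IGNORECASE)


def parse_line(line):
    """Return the fields of one access-log line as a dict, or None if it does not parse."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def python_client(user_agent):
    """Return 'requests' or 'urllib' when the UA is that library's default, else None."""
    m = PY_CLIENT_RE.match(user_agent)
    return m.group('lib').lower() if m else None


def scan_log(text):
    """Summarise how much of the traffic in an access log came from default Python clients."""
    total = 0
    by_lib = Counter()
    by_ip = Counter()
    paths = Counter()
    for raw in text.splitlines():
        rec = parse_line(raw)
        if rec is None:          # malformed or truncated line: skip, do not guess
            continue
        total += 1
        lib = python_client(rec['ua'])
        if lib is None:
            continue
        by_lib[lib] += 1
        by_ip[rec['ip']] += 1
        paths[rec['path']] += 1
    hits = sum(by_lib.values())
    return {
        'total_requests': total,
        'python_requests': hits,
        'python_share': hits / total if total else 0.0,
        'by_library': dict(by_lib),
        'by_source_ip': dict(by_ip),
        'paths_hit': dict(paths),
    }


if __name__ == '__main__':
    for key, value in scan_log(SAMPLE_LOG).items():
        print(f'{key}: {value}')
```

Treat the numbers as a lower bound and a triage aid, not a block list: the User-Agent is trivially spoofed, so a careful attacker will present a browser string, while plenty of harmless monitoring scripts and integrations use requests with its default header. What the scan does give you is a quick list of source addresses and paths worth a closer look, which is the same signal Imperva is reporting at scale.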

The moral of this report is that if you have a web app, web server, or website exposed online, it is quite likely that some script kiddie is using a Python tool downloaded from GitHub to try to break into your server. Which, in hindsight, is no surprise, since Python is just as versatile as Java but much easier to learn, for good and bad guys alike.
