Attacks on Bytecode Interpreters Conceal Malicious Injection Activity

Japanese researchers will demonstrate at the Black Hat USA conference how attackers can insert malicious code into the machine code stored in memory by software interpreters used in programming languages such as Python and VBScript, to escape detection by endpoint security software. This technique could allow attackers to hide their activities from most security tools. The researchers from NTT Security Holdings and the University of Tokyo suggest enforcing write protections to lower the risk of attacks.