Hello and welcome to the Friday, February 9th, 2020,

for edition of the Sandstone Storms, Stormcast.

My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

This is also the 15th anniversary of this podcast.

As I've said before, if you have any tips how to make this podcast better,

what you like, what you don't like about it, please let me know. That's really sort of how you can

pay back a little bit for the work that goes into making this podcast to make sure it's the best podcast that I could

possibly do, given the overall format of a short-form podcast like this.

Xavier today came across another interesting, and with interesting, we usually mean malicious

Python script.

This, again, is a Python script

with Gwi which always is

somewhat suspicious it's

attempting to be an MP3 player at least

that's what it says it doesn't it apparently also

works somewhat as an MP3 player but in addition

to being an MP3 player it but in addition to being an MP3 player, it'll also log keystrokes.

Xavier does have a little video with a walkthrough of the analysis of this particular script

to show how it works, and well, virus total, again, low score here, only two out of 61 antivirus engines are detecting this specific Python script as malicious.

Now, you may say why would anybody ever install a Python MP3 player? Like, particularly, if you look at the screenshots here, it doesn't really look like much.

One thing I'm a little bit worried about is that some of these applications

may be used sort of as sample applications by developers to basically learn how to do certain

...