451 malicious packages available in PyPI contained crypto-stealing malware - fivenewscrypto
Terkini Populer Kategori
Headline
Loading...

mardi 14 février 2023

451 malicious packages available in PyPI contained crypto-stealing malware

451 malicious packages available in PyPI contained crypto-stealing malware
mardi 14 février 2023
A skull and crossbones on a computer screen are surrounded by ones and zeroes.

Enlarge (credit: Getty Images)

More than 400 malicious packages were recently uploaded to PyPI (Python Package Index), the official code repository for the Python programming language, in the latest indication that the targeting of software developers using this form of attack isn’t a passing fad.

All 451 packages found recently by security firm Phylum contained almost identical malicious payloads and were uploaded in bursts that came in quick succession. Once installed, the packages create a malicious JavaScript extension that loads each time a browser is opened on the infected device, a trick that gives the malware persistence over reboots.

The JavaScript monitors the infected developer’s clipboard for any cryptocurrency addresses that may be copied to it. When an address is found, the malware replaces it with an address belonging to the attacker. The objective: intercept payments the developer intended to make to a different party.

Read 12 remaining paragraphs | Comments


Share with your friends

Add your opinion
Disqus comments

Ads Auto