10 malicious PyPI packages found stealing developers' credentials (Security News, August 2022)
Threat analysts have discovered ten malicious Python packages on the PyPI repository, used to infect developers' systems with password-stealing malware.
The fake packages used typosquatting to impersonate popular software projects and trick PyPI users into downloading them.
PyPI is a repository of over 350,000 open-source software packages that millions of registered users can easily incorporate into their Python projects and build complex products with minimal effort.
Malware operators take advantage of the platform's open nature and frequently upload malicious or fake packages to compromise developers' systems.
Pyg-utils, Pymocks, PyProto2: all three packages target AWS credentials and appear very similar to another set of packages discovered by Sonatype in June.
In many cases, the malicious packages laid the groundwork for possible supply chain attacks, so a developer's computer may be only the initial point of a wider infection, and any code built on that machine should be audited for malicious content.
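As an added example (not code from the article or from the researchers it cites), the following Python check flags dependency names in a requirements file that are one or two edits away from a known-good package name, which is how typosquats like the ones described above are usually caught before installation. The popular-package list and the sample requirements are constructed for illustration.

```python
import re

def normalize(name: str) -> str:
    """PEP 503 normalisation as PyPI applies it: 'PyYAML' == 'pyyaml', but 'py_yaml' -> 'py-yaml', a different project."""
    return re.sub(r"[-_.]+", "-", name).lower()

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance (insert/delete/substitute) between two names."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def parse_requirements(text: str) -> list[str]:
    """Bare project names from requirements.txt-style lines; comments and -options are skipped."""
    names = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        m = re.match(r"[A-Za-z0-9][A-Za-z0-9._-]*", line) if line and not line.startswith("-") else None
        if m:
            names.append(m.group(0))
    return names

def find_suspects(requirements: list[str], popular: list[str], max_dist: int = 2) -> dict[str, str]:
    """Requirements within max_dist edits of a popular name (but not equal to it), mapped to that name; hits are review candidates, not verdicts."""
    popular_norm = sorted({normalize(p) for p in popular})
    suspects = {}
    for req in requirements:
        n = normalize(req)
        if n in popular_norm:
            continue  # the genuine project, however it was capitalised
        for p in popular_norm:
            if edit_distance(n, p) <= max_dist:
                suspects[req] = p
                break
    return suspects

# Constructed sample data: a small allow-list and a requirements file with three near-misses.
POPULAR = ["requests", "boto3", "protobuf", "PyYAML"]
SAMPLE_REQUIREMENTS = """\
requests==2.28.1
boto3>=1.24      # AWS SDK
py_yaml
requestss==2.28.1
boto-3
"""

if __name__ == "__main__":
    for bad, real in find_suspects(parse_requirements(SAMPLE_REQUIREMENTS), POPULAR).items():
        print(f"{bad!r} resembles {real!r}: check the PyPI project page before installing")
```

Short names produce false positives at distance 2 (a genuine package can sit two edits from another genuine one), so treat each hit as a prompt to look up the project on PyPI rather than as a block.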