Security News > 2022 > November > Dozens of PyPI packages caught dropping 'W4SP' info-stealing malware
Researchers have discovered over two dozen Python packages on the PyPI registry that are pushing info-stealing malware.
Researchers have identified over two dozen Python packages on the PyPI registry that imitate popular libraries but instead drop info-stealers after infecting machines.
Ultimately, the researchers concluded that the malware dropped by these packages was W4SP Stealer that exfiltrates your Discord tokens, cookies and saved passwords.
In August, Kaspersky Securelist researchers had also analyzed malicious PyPI packages which, much like these, were obfuscated with open source tool called Hyperion and caught dropping W4SP. Type me once, read me twice!
Software developer and researcher Hauke Lübbers came across PyPI packages "Pystile" and "Threadings" containing malware that labeled itself "GyruzPIP.".
Lübbers, who has reported these packages to PyPI admins, told BleepingComputer that these projects would likely need to be included as dependencies in a program for them to exhibit malicious behavior.