Security News > 2023 > January > Researchers Uncover 3 PyPI Packages Spreading Malware to Developer Systems

Researchers Uncover 3 PyPI Packages Spreading Malware to Developer Systems
2023-01-17 06:36

The packages - named colorslib, httpslib, and libhttps - by the author between January 7, 2023, and January 12, 2023.

The modules come with identical setup scripts that are designed to invoke PowerShell and run a malicious binary hosted on Dropbox, Fortinet disclosed in a report published last week.

"However, these packages download and run a malicious binary executable."

The disclosure arrives weeks after Fortinet unearthed two other rogue packages by the name of Shaderz and aioconsol that harbor similar capabilities to gather and exfiltrate sensitive personal information.

The findings once again demonstrate the steady stream of malicious activity recorded in popular open source package repositories, wherein threat actors are taking advantage of the trust relationships to plant tainted code in order to amplify and extend the reach of the infections.

Users are advised to exercise caution when it comes to downloading and running packages from untrusted authors to avoid falling prey to supply chain attacks.


News URL

https://thehackernews.com/2023/01/researchers-uncover-3-pypi-packages.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Pypi 15 0 0 1 15 16