Security News > 2023 > November > Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI

Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI
2023-11-08 12:57

A new set of malicious Python packages has slithered their way to the Python Package Index repository with the ultimate aim of stealing sensitive information from compromised developer systems.

The packages masquerade as seemingly innocuous obfuscation tools, but harbor a piece of malware called BlazeStealer, Checkmarx said in a report shared with The Hacker News.

" retrieves an additional malicious script from an external source, enabling a Discord bot that gives attackers complete control over the victim's computer," security researcher Yehuda Gelb said.

The campaign, which commenced in January 2023, entails a total of eight packages named Pyobftoexe, Pyobfusfile, Pyobfexecute, Pyobfpremium, Pyobflite, Pyobfadvance, Pyobfuse, and pyobfgood, the last of which was published in October.

A majority of downloads associated with the rogue packages originated from the U.S., followed by China, Russia, Ireland, Hong Kong, Croatia, France, and Spain.

"Developers must remain vigilant, and vet the packages prior to consumption."


News URL

https://thehackernews.com/2023/11/beware-developers-blazestealer-malware.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Python 24 2 52 74 31 159
Pypi 15 0 0 1 15 16