Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI

2023-11-08 12:57

A new set of malicious Python packages has slithered their way to the Python Package Index repository with the ultimate aim of stealing sensitive information from compromised developer systems.

The packages masquerade as seemingly innocuous obfuscation tools, but harbor a piece of malware called BlazeStealer, Checkmarx said in a report shared with The Hacker News.

" retrieves an additional malicious script from an external source, enabling a Discord bot that gives attackers complete control over the victim's computer," security researcher Yehuda Gelb said.

The campaign, which commenced in January 2023, entails a total of eight packages named Pyobftoexe, Pyobfusfile, Pyobfexecute, Pyobfpremium, Pyobflite, Pyobfadvance, Pyobfuse, and pyobfgood, the last of which was published in October.

A majority of downloads associated with the rogue packages originated from the U.S., followed by China, Russia, Ireland, Hong Kong, Croatia, France, and Spain.

"Developers must remain vigilant, and vet the packages prior to consumption."

News URL

https://thehackernews.com/2023/11/beware-developers-blazestealer-malware.html

#developer #malware #python

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Python		27	10	87	73	27	197
Pypi		14	0	0	14	0	14

News URL

Related news

Related vendor