Security News > 2024 > February > Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems
2024-02-29 08:17
The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the goal of infecting developer systems with malware. The packages, now taken down, are pycryptoenv, pycryptoconf, quasarlib, and swapmempool. They have been collectively downloaded 3,269 times, with pycryptoconf accounting for the most
News URL
https://thehackernews.com/2024/02/lazarus-exploits-typos-to-sneak-pypi.html
Related news
- BootKitty UEFI malware exploits LogoFAIL to infect Linux systems (source)
- Adversarial groups adapt to exploit systems in new ways (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims (source)
- Cybercriminals Use Excel Exploit to Spread Fileless Remcos RAT Malware (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Botnet exploits GeoVision zero-day to install Mirai malware (source)
- APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign (source)
- Cybercriminals Exploit Popular Game Engine Godot to Distribute Cross-Platform Malware (source)
- New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools (source)