Security News > 2024 > February > Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems
2024-02-29 08:17
The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the goal of infecting developer systems with malware. The packages, now taken down, are pycryptoenv, pycryptoconf, quasarlib, and swapmempool. They have been collectively downloaded 3,269 times, with pycryptoconf accounting for the most
News URL
https://thehackernews.com/2024/02/lazarus-exploits-typos-to-sneak-pypi.html
Related news
- Malware botnets exploit outdated D-Link routers in recent attacks (source)
- Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents (source)
- Fake LDAPNightmware exploit on GitHub spreads infostealer malware (source)
- Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws (source)
- Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware (source)
- DragonRank Exploits IIS Servers with BadIIS Malware for SEO Fraud and Gambling Redirects (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)