all InfoSec news
Attacker – hidden in plain sight for nearly six months – targeting Python developers
Nov. 16, 2023, 1:05 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
Key Points
- For nearly half a year, a threat actor has been planting malicious Python packages into the open-source repository.
- Many of the malicious packages were camouflaged with names closely resembling popular legitimate Python packages. Consequently, they received thousands of downloads.
- The setup.py file within these packages was used to carry the harmful payload, which allowed the malicious code to be executed upon installation.
- A defining characteristic of this attack was the utilization of steganography to hide a malicious payload …
actor attacker developers downloads file hidden key key points malicious malicious packages names packages points popular python repository setup.py targeting threat threat actor
More from malware.news / Malware Analysis, News and Indicators - Latest topics
Jobs in InfoSec / Cybersecurity
Senior Security Specialist, Forsah Technical and Vocational Education and Training (Forsah TVET) (NEW)
@ IREX | Ramallah, West Bank, Palestinian National Authority
Consultant(e) Junior Cybersécurité
@ Sia Partners | Paris, France
Senior Network Security Engineer
@ NielsenIQ | Mexico City, Mexico
Senior Consultant, Payment Intelligence
@ Visa | Washington, DC, United States
Corporate Counsel, Compliance
@ Okta | San Francisco, CA; Bellevue, WA; Chicago, IL; New York City; Washington, DC; Austin, TX
Security Operations Engineer
@ Samsara | Remote - US