Sept. 19, 2023, 7:35 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics

Key Points

  • A malicious Python package, “Culturestreak”, hijacks system resources for unauthorized cryptocurrency mining.

  • The malicious package utilizes obfuscated code and random filenames to evade detection.

  • The code runs in an infinite loop, making it a relentless threat that continually exploits system resources.

  • The malicious code originates from an active GitLab repository, underscoring the ongoing risk to users.

Recently, our team came across a Python package named “culturestreak”. A closer look reveals a darker purpose: unauthorized cryptocurrency mining. Let’s break …

attacker code crypto cryptocurrency cryptocurrency mining crypto mining detection evade exploits gitlab key key points loop making malicious mining obfuscated package points python python package random resources system threat

Business Information Security Officer

@ Metrolink | Los Angeles, CA

Senior Security Engineer

@ Freedom of the Press Foundation | Remote, 4 hour time zone overlap with New York City

Security Engineer

@ ChartMogul | Remote, EU

REF7225P- Information Security (HIPPA& GDPR) Pune-Contract Employee

@ WNS Global Services | Pune, India

Cortex Systems Engineer, SecOps Platform - North America

@ Palo Alto Networks | Remote, Texas, United States

Senior Threat Engineer

@ Zscaler | Tel Aviv-Yafo, Israel