New Malicious PyPI Packages used by Lazarus | allinfosecnews.com

Feb. 28, 2024, 2:26 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

JPCERT/CC has confirmed that Lazarus has released malicious Python packages to PyPI, the official Python package repository (Figure 1). The Python packages confirmed this time are as follows:

pycryptoenv

pycryptoconf

quasarlib

swapmempool

The package names pycryptoenv and pycryptoconf are similar to pycrypto, which is a Python package used for encryption algorithms in Python. Therefore, the attacker probably prepared the malware-containing malicious packages to target users' typos in installing Python packages.

This article provides details on these malicious Python packages.

Figure …

algorithms encryption lazarus malicious malicious pypi packages malware analysis names official package packages pypi pypi packages python python package python packages repository

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks 44 minutes ago | malware.news

advisory article blog compromised +21

Intel 471 Sets New Standard in Intelligence-Driven Threat Hunting 49 minutes ago | malware.news

actor advanced cyborg cyborg security +14

Linux Trojan - Xorddos with Filename eyshcjdmzg, (Mon, Apr 29th) 7 hours ago | malware.news

ddos dshield filename files +8

CISO Perspectives: Protecting Legacy Network Devices with ZTNA 10 hours ago | malware.news

attention aware ciso customers +20

London Drugs pharmacy closes all stores to respond to cyber incident 11 hours ago | malware.news

article canada closures cyber +11

HPE security advisory (AV24-232) 13 hours ago | malware.news

advisory article canadian canadian centre for cyber security +7

SonicWall security advisory (AV24-233) 13 hours ago | malware.news

advisory article canadian canadian centre for cyber security +7

Critical infrastructure cyberattacks pushed NSA to unmask thousands of U.S. identities through spying law 13 hours ago | malware.news

act critical critical infrastructure cyberattacks +14

Change Healthcare incident caused by compromised Citrix credentials 13 hours ago | malware.news

article ceo change change healthcare +15

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Professional Services Resident Consultant / Senior Professional Services Resident Consultant - AMS

@ Zscaler | Bengaluru, India

View on infosec-jobs.com

Head of Security, Risk & Compliance

@ Gedeon Richter Pharma GmbH | Budapest, HU

View on infosec-jobs.com

Unarmed Professional Security Officer - County Hospital

@ Allied Universal | Los Angeles, CA, United States

View on infosec-jobs.com

Senior Software Engineer, Privacy Engineering

@ Block | Seattle, WA, United States

View on infosec-jobs.com

Senior Cyber Security Specialist

@ Avaloq | Bioggio, Switzerland

View on infosec-jobs.com