all InfoSec news
Obfuscated PyPI Packages Purporting to be i18n Libraries Actually Stealing Telegram Data
Phylum blog.phylum.io
Phylum discovered two packages published to PyPI on October 28 that claim to be libraries for simplifying internationalization. The files were highly obfuscated and upon further inspection were found to contain malicious code designed to steal sensitive Telegram Desktop application data and system information, which it then sends to an
application claim code data desktop desktop application files found i18n information inspection libraries malicious obfuscated october packages phylum pypi pypi packages research sensitive steal stealing system telegram