Package names repurposed to push malware on PyPI | allinfosecnews.com

April 24, 2023, 11:05 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

In the beginning of March, ReversingLabs researchers encountered a malicious package on the Python Package Index (PyPI) named termcolour, a three-stage downloader published in multiple versions. Finding this malicious payload wasn’t difficult, but what piqued our interest was its name. The termcolour package wasn’t new. In fact, it had been published to PyPI two years earlier, and then removed. It reappeared on PyPI in the beginning of March — this time as a malicious downloader.

How is it that the …

fact interest malicious malware march name names package payload pypi python python package python package index researchers reversinglabs stage

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Logpoint’s latest release: Gain control over your security operations an hour ago | malware.news

analyst challenges control detect +21

Deciphering Cyber Shadows: Insights into China and Russia’s Cybercrime Ecosystems an hour ago | malware.news

china cyber cybercrime cyber threats +14

Password Dictionary Analysis: Most Used Passwords in the USA an hour ago | malware.news

accounts age analysis breaches +11

Assessing the Y, and How, of the XZ Utils incident an hour ago | malware.news

accounts apt apt groups campaigns +20

January 2024 Cyber Attacks Statistics 3 hours ago | malware.news

article attack attacks attack techniques +14

Pakistani APTs Escalate Attacks on Indian Gov. Seqrite Labs Unveils Threats and Connections 3 hours ago | malware.news

analysis apt apts attacks +18

[QuickNote] Qakbot 5.0 – Decrypt strings and configuration 3 hours ago | malware.news

64-bit actor codebase configuration +16

Trend Micro Collaborated with Interpol in Cracking Down Grandoreiro Banking Trojan 4 hours ago | malware.news

analyze malware article banking banking trojan +17

ICS Security Conference 2024 4 hours ago | malware.news

best practices conference current february +12

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Cyber Threat Analyst

@ Peraton | Morrisville, NC, United States

View on infosec-jobs.com

Kyndryl Offensive Security Professional - Threat-Led Penetration Testing (TLPT) and Red Teaming

@ Kyndryl | Sao Paulo (KBR51645) WeWork Office

View on infosec-jobs.com

Consultant en Cyber Sécurité - Spécialiste PKI H/F

@ Devoteam | Levallois-Perret, France

View on infosec-jobs.com

Cloud Security Architect - Advisor (Remote)

@ Fannie Mae | Reston, VA, United States

View on infosec-jobs.com

OT Cybersecurity Engineer

@ SBM Offshore | Bengaluru, IN, 560071

View on infosec-jobs.com