python-dateutils—A Cryptominer in Disguise Targeting Windows, Linux, macOS

You've probably heard of the Python module 'dateutil'. The module offers powerful extensions to the standard datetime library extensively used by Python developers. Yesterday, however, Sonatype's automated malware detection system caught a suspicious PyPI package called 'python-dateutils' that mines Monero (XMR) cryptocurrency on your system—whether Windows, Linux, or macOS, and steals AWS credentials.

cryptocurrency cryptominer crypto mining featured linux macos malware prevention pypi python targeting vulnerabilities windows