Python Repo CryptoMined

TheCyberThrone

Researchers uncovered six malicious typosquatting packages in the official Python programming language’s PyPI repository, laced with cryptomining malware.

The Python Package Index (PyPI) is the official repository for software packages written in Python. Like npm, GitHub, and RubyGems, PyPI is part of the software supply chain: it is where coders publish packages that other developers pull in while building applications and services.

The fake packages had been submitted by a single author using the ID “nedog123,” and some of them date as far back as April 2021. Each package's setup.py contained code that, once the package was installed, downloaded and installed cryptomining malware onto the host.

A single malicious package can be pulled into many projects at once, infecting each affected device with cryptominers, info-stealers, or other payloads, which makes remediation extremely difficult.

Malicious package details

  • maratlib: 2,371 downloads
  • maratlib1: 379 downloads
  • matplatlib-plus: 913 downloads
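The two defensive checks this incident calls for are a name check before a dependency is added (does the requested name only resemble a package you actually use?) and a static look at the package's setup.py for code that runs at install time. The script below is an added example written for this post, not code from the researchers or from PyPI; it uses only the standard library. The allow list, the decoy-suffix list, the risky-module list, and the sample setup.py are all constructed for illustration, and the sample's post-install hook is a harmless echo placeholder. The typosquat check also goes slightly beyond the article by handling appended suffixes such as "-plus".

```python
"""Pre-install vetting of a PyPI dependency name and its setup.py.
Added example (not the original post's code); standard library only."""
import ast
import re

# Constructed allow list: names the project genuinely depends on.
KNOWN_GOOD = {"matplotlib", "numpy", "requests"}
# Constructed list of suffixes typosquatters append to a real name.
DECOY_SUFFIXES = ("-plus", "_plus", "-dev", "1", "2")
# Modules a setup.py rarely needs but a downloader/dropper does (constructed).
RISKY_MODULES = {"subprocess", "urllib", "requests", "socket", "base64"}


def normalize(name: str) -> str:
    """PEP 503 normalisation: lower-case, collapse runs of - _ . into '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, two-row dynamic programming."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_allowed(name: str, known=KNOWN_GOOD) -> bool:
    """Deny-by-default gate: only names on the allow list pass."""
    return normalize(name) in {normalize(k) for k in known}


def typosquat_candidates(name: str, known=KNOWN_GOOD, max_dist: int = 2):
    """Known names that `name` (or `name` minus a decoy suffix) is within
    `max_dist` edits of. Explains *why* a denied name looks like a squat."""
    if is_allowed(name, known):
        return []
    n = normalize(name)
    stem = n
    for suf in DECOY_SUFFIXES:
        s = normalize(suf)
        if stem.endswith(s) and len(stem) > len(s):
            stem = stem[: -len(s)]
            break
    hits = []
    for k in known:
        kn = normalize(k)
        d = min(edit_distance(n, kn), edit_distance(stem, kn))
        if d <= max_dist:
            hits.append((k, d))
    return sorted(hits, key=lambda h: h[1])


def scan_setup_py(source: str) -> list:
    """Static findings on a setup.py: risky imports, os.system/popen calls,
    install-command subclasses, and a setup(cmdclass=...) override."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Import):
            for alias in node.names:
                if alias.name.split(".")[0] in RISKY_MODULES:
                    findings.append(f"imports {alias.name}")
        elif isinstance(node, ast.ImportFrom):
            mod = node.module or ""
            if mod.split(".")[0] in RISKY_MODULES:
                findings.append(f"imports from {mod}")
            if mod.startswith("setuptools.command"):
                findings.append(f"imports a setuptools command class from {mod}")
        elif isinstance(node, ast.ClassDef):
            for base in node.bases:
                bname = getattr(base, "id", None) or getattr(base, "attr", None)
                if bname in {"install", "develop", "egg_info"}:
                    findings.append(f"class {node.name} subclasses {bname}")
        elif isinstance(node, ast.Call):
            f = node.func
            if getattr(f, "id", None) == "setup":
                if any(kw.arg == "cmdclass" for kw in node.keywords):
                    findings.append("setup() overrides cmdclass (install-time code)")
            elif (isinstance(f, ast.Attribute) and isinstance(f.value, ast.Name)
                  and f.value.id == "os" and f.attr in {"system", "popen"}):
                findings.append(f"calls os.{f.attr}")
    return findings


# Constructed sample: the shape of an install hook, with a harmless placeholder.
SAMPLE_SETUP_PY = '''
from setuptools import setup
from setuptools.command.install import install
import subprocess

class PostInstall(install):
    def run(self):
        install.run(self)
        subprocess.call(["echo", "placeholder post-install hook"])

setup(name="matplatlib-plus", version="0.1", cmdclass={"install": PostInstall})
'''

if __name__ == "__main__":
    for pkg in ("maratlib", "maratlib1", "matplatlib-plus", "matplotlib"):
        print(pkg, "allowed" if is_allowed(pkg) else "DENIED", typosquat_candidates(pkg))
    for finding in scan_setup_py(SAMPLE_SETUP_PY):
        print("setup.py:", finding)
```

Note what the name check does and does not catch: "matplatlib-plus" is one edit from "matplotlib" once the "-plus" decoy is stripped, so it is reported as a near-miss, but "maratlib" is four edits away and produces no candidate at all. That is why the gate is the allow list rather than the similarity score; the score only explains a denial, it never grants one. The setup.py scan flags the pattern the article describes (a custom install command wired in through cmdclass, alongside a module able to fetch or execute), which is worth a manual look whenever it appears in a package you did not expect to run code at install time.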
