More than 400 malicious packages were recently uploaded to PyPI (Python Package Index), the official code repository for the Python programming language, following a hacking attack that shows that the targeting of software developers is not a passing fad.
The 451 packages recently detected by security firm Phylum contained nearly identical malicious payloads and were uploaded in successive attacks.
Once installed, the packages create a malicious JavaScript extension that loads whenever a browser is opened on the infected device, a trick that gives the malicious software the ability to start again after reboots.
The JavaScript monitors the infected developer's clipboard for any cryptocurrency addresses they may be using. When an address is found, the malware replaces it with an address belonging to the attacker.
The goal: intercepting developers' payments.
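
The behaviour described above (an extension script that watches the clipboard and swaps cryptocurrency addresses) can be hunted for by scanning extension JavaScript for clipboard access combined with address-matching logic. The Python below is an added example, not code from Phylum or from the packages; the regexes, function names and sample snippets are assumptions constructed for illustration.

```python
import re
from pathlib import Path

# Clipboard calls a script can use to read or overwrite copied text.
CLIPBOARD = re.compile(
    r"navigator\.clipboard\.(readText|writeText)"
    r"|execCommand\(\s*['\"](copy|paste)['\"]"
)
# Hard-coded values shaped like Ethereum or Bitcoin addresses.
ADDRESS_LITERAL = re.compile(
    r"\b0x[a-fA-F0-9]{40}\b"
    r"|\bbc1[ac-hj-np-z02-9]{25,59}\b"
    r"|\b[13][a-km-zA-HJ-NP-Z1-9]{25,34}\b"
)
# Regex source text that targets address formats (hex{40}, Base58 class).
ADDRESS_PATTERN = re.compile(r"\]\{40\}|a-km-zA-HJ-NP-Z1-9")


def scan_source(source: str) -> dict:
    """Report which clipper indicators appear in one script."""
    found = {
        "clipboard": bool(CLIPBOARD.search(source)),
        "address_literal": bool(ADDRESS_LITERAL.search(source)),
        "address_pattern": bool(ADDRESS_PATTERN.search(source)),
    }
    # Clipboard use alone is common; flag only when paired with address logic.
    found["suspicious"] = found["clipboard"] and (
        found["address_literal"] or found["address_pattern"]
    )
    return found


def scan_tree(root: str) -> list:
    """Return paths of .js files under root that scan_source flags."""
    hits = []
    for path in sorted(Path(root).rglob("*.js")):
        text = path.read_text(encoding="utf-8", errors="replace")
        if scan_source(text)["suspicious"]:
            hits.append(str(path))
    return hits


# Constructed samples (hypothetical, not taken from the real packages).
BENIGN = 'button.onclick = () => navigator.clipboard.writeText(link.href);'
CLIPPER_LIKE = (
    'const re = /^0x[a-fA-F0-9]{40}$/;\n'
    'navigator.clipboard.readText();\n'
    'navigator.clipboard.writeText("0x' + "0" * 40 + '");\n'
)
```

Pointing `scan_tree` at a browser profile's extension directory gives a triage list; a hit is a lead for manual review, since wallet extensions legitimately combine both indicators.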