Hacked PyPI (Python Package Index) 451 infected packages

More than 400 malicious packages were uploaded recently στο PyPI (Python Package Index), το επίσημο αποθετήριο κώδικα για τη γλώσσα προγραμματισμού Python, μετά από μια hacking επίθεση που μας δείχνει ότι η στόχευση προγραμματιστών λογισμικού δεν είναι μια περαστική μόδα.

The 451 packets recently detected by security firm Phylum contained nearly identical malicious payloads and were uploaded in successive attacks. pypi

Once installed, the packages create a malicious JavaScript extension that loads whenever a browser is opened on the infected device, a trick that gives the malware the ability to start again after reboots.

The JavaScript monitors the infected developer's clipboard for any cryptocurrency addresses they may be using. When an address is found, the malware replaces it with an address belonging to the attacker.

The target: the interception of the developer's payments.

iGuRu.gr The Best Technology Site in Greece
Follow us on Google News

PyPI, python

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).