More than 400 malicious packages were uploaded recently στο PyPI (Python Package Index), το επίσημο αποθετήριο κώδικα για τη γλώσσα προγραμματισμού Python, μετά από μια hacking επίθεση που μας δείχνει ότι η στόχευση προγραμματιστών λογισμικού δεν είναι μια περαστική μόδα.
The 451 packets recently detected by security firm Phylum contained nearly identical malicious payloads and were uploaded in successive attacks. 
Once installed, the packages create a malicious JavaScript extension that loads whenever a browser is opened on the infected device, a trick that gives the malware the ability to start again after reboots.
The JavaScript monitors the infected developer's clipboard for any cryptocurrency addresses they may be using. When an address is found, the malware replaces it with an address belonging to the attacker.
The target: the interception of the developer's payments.
