HomeTechnologyThis hack has a nasty sting for Python developers

Technology

This hack has a nasty sting for Python developers

2 minute read

Electronic security Researchers from Checkmarx have discovered more than two dozen malicious packages on PyPI, a popular repository for Python developers, and have released their findings in a new package. Report (Opens in a new tab).

These malicious packages, designed to look almost identical to legitimate packages, attempt to trick reckless developers into downloading and installing the wrong package, thus distributing malware.

This practice is known as typo appropriation and is very common among cyber criminals who attack software developers.

Thefts

To hide malware, attackers use two unique methods: steganography and polymorphism.

Steganography is the practice of hiding code inside an image, which allows threat actors to distribute malicious code through apparently innocent JPGs and .PNGs.

On the other hand, polymorphic malware changes its payload with each installation, thus successfully sidestepping antivirus software and other cybersecurity solutions.

Here, the attackers used these methods to introduce WASP, an information maker capable of taking over people disagreement Accounts, passwords, cryptocurrency wallet information, credit card data, and any other information about the victim End point Considered interesting.

Once identified, the data is sent back to the attackers via an encrypted Discord webhook address.

The campaign appears to be a marketing ploy, as researchers have apparently caught threatening actors advertising the tool on the dark web for $20 and claiming to be undetectable.

Moreover, researchers believe that this is the same group that was behind a similar attack that was first reported earlier this month by researchers at div (Opens in a new tab) And the check point (Opens in a new tab). At the time, a group codenamed Worok was said to have been distributing DropBoxControl, a custom .NET C# infostealer that abuses Dropbox file hosting for communication and data theft, since at least September 2022.

Because of its range of tools, researchers believe Worok is the work of a quietly operating cyberespionage group, who like to move laterally through target networks, stealing sensitive data. It also appears to use its own tools, as the researchers have not observed it being used by anyone else.

Across: log (Opens in a new tab)

AT&T accelerates AI transformation and marketing speed by up to 70% with H2O.ai

Mountain View, California

How to make more sustainable choices when upgrading your hardware

Now more than ever, companies are making more sustainable choices, from reducing

The Latest

IT Industry Can’t Run Without VPN: Chairman PTA
A meeting of the Senate Standing Committee on IT and Telecom was held under the

November 18, 2024
2 minute read
The Council of Islamic Ideology declared the use of VPN illegal
Allama Raghib Naimi, Chairman of the Council of Islamic Ideology, said in this

November 15, 2024
1 minute read
World Bank Consultant Presents Chairman PITB With His Book ‘Technology in Policing’
Punjab Information Technology Board (PITB) Chairman Faisal Yousaf was presented

August 27, 2024
1 minute read
Pakistan IT Industry at Risk: Firewall Causing Mass Exodus of Companies
Pakistan’s burgeoning Information Technology (IT) sector is facing an

August 18, 2024
2 minute read

Weekly Must-ReadsView All

IT Industry Can’t Run Without VPN: Chairman PTA

The Council of Islamic Ideology declared the use of VPN illegal

World Bank Consultant Presents Chairman PITB With His Book ‘Technology in Policing’

Pakistan IT Industry at Risk: Firewall Causing Mass Exodus of Companies

Popular Topics

Trending NowView All

IT Industry Can’t Run Without VPN: Chairman PTA

The Council of Islamic Ideology declared the use of VPN illegal

World Bank Consultant Presents Chairman PITB With His Book ‘Technology in Policing’

Pakistan IT Industry at Risk: Firewall Causing Mass Exodus of Companies

This hack has a nasty sting for Python developers

Leave a Reply Cancel reply

AT&T accelerates AI transformation and marketing speed by up to 70% with H2O.ai

How to make more sustainable choices when upgrading your hardware

IT Industry Can’t Run Without VPN: Chairman PTA

The Council of Islamic Ideology declared the use of VPN illegal

World Bank Consultant Presents Chairman PITB With His Book ‘Technology in Policing’

Pakistan IT Industry at Risk: Firewall Causing Mass Exodus of Companies

Google Password-killer is now available on Chrome and Android

Carrefour Partners with Mastercard to Celebrate Mondays

PITB-BOP ink MoU to setup Citizen Facilitation Booths at e-Khidmat Centers across Punjab

The most popular brand of phishing attacks may surprise you

Weekly Must-ReadsView All

IT Industry Can’t Run Without VPN: Chairman PTA

The Council of Islamic Ideology declared the use of VPN illegal

World Bank Consultant Presents Chairman PITB With His Book ‘Technology in Policing’

Pakistan IT Industry at Risk: Firewall Causing Mass Exodus of Companies

IT Industry Can’t Run Without VPN: Chairman PTA

The Council of Islamic Ideology declared the use of VPN illegal

World Bank Consultant Presents Chairman PITB With His Book ‘Technology in Policing’

Pakistan IT Industry at Risk: Firewall Causing Mass Exodus of Companies

This hack has a nasty sting for Python developers

Leave a Reply Cancel reply

AT&T accelerates AI transformation and marketing speed by up to 70% with H2O.ai

How to make more sustainable choices when upgrading your hardware

IT Industry Can’t Run Without VPN: Chairman PTA

The Council of Islamic Ideology declared the use of VPN illegal

World Bank Consultant Presents Chairman PITB With His Book ‘Technology in Policing’

Pakistan IT Industry at Risk: Firewall Causing Mass Exodus of Companies

You May Also Like

Google Password-killer is now available on Chrome and Android

Carrefour Partners with Mastercard to Celebrate Mondays

PITB-BOP ink MoU to setup Citizen Facilitation Booths at e-Khidmat Centers across Punjab

The most popular brand of phishing attacks may surprise you