By Gagandeep Singh
14-Feb-2023
A threat actor uploaded five malicious packages on the PyPi Index.
Security research firm discovered these five malicious packages uploaded on the PyPi Index.
The Information Stealing malware attempts to steal passwords, crypto & more from the Infected PC.
Not only this, the information-stealing malware targets Browsers, cookies & more.
Threat actor uploads the same code to PyPi via the Packages before getting banned by the respiratory.
There’s also a feature that finds the file through the keywords & then tries to steal it.
The malware exploits a feature that contains files & sends them to the Theat target.
Though hundreds of developers downloaded these packages before being removed.