Cybersecurity researchers from Checkmarx have discovered more than two dozen malicious packages on PyPI, a popular repository for Python developers, and released their findings in a new report. 

These malicious packages, designed to look almost identical to legitimate ones, try to trick reckless developers into downloading and installing the wrong one, thus distributing malware. 

The practice is known as typosquatting and it’s quite popular among cybercriminals that attack software developers.

Infostealer thefts

To hide the malware, the attackers are using two unique approaches: steganography, and polymorphism. 

Steganography is the practice of hiding code inside an image, which allows threat actors to distribute malicious code through seemingly innocent .JPGs and .PNGs. 

Polymorphic malware, on the other hand, changes the payload with every install, thus successfully avoiding antivirus programs and other cybersecurity solutions.

Here, the attackers used these techniques to deliver WASP, an infostealer capable of grabbing people’s Discord accounts, passwords, cryptocurrency wallet information, credit card data, as well as any other information on the victim’s endpoint deems interesting. 

Read more

> Learn coding skills with the best Python online courses

> More malware is being hidden in PNG images, so watch out

> Even the Windows logo isn’t safe from malware

Once identified, the data …read more

Source:: TechRadar – All the latest technology news


NASA Chooses Spacex To Launch A Self Propelled Space Station To The Moon

Leave a Reply

Your email address will not be published. Required fields are marked *