About 27 malicious PyPI packages, which together drew thousands of downloads, have been targeting IT professionals, according to a report from Checkmarx. The packages were designed to steal sensitive information from victims, including passwords, credit card numbers, and cryptocurrency wallet data.
The 27 packages masqueraded as popular legitimate Python libraries, Checkmarx said in the report. Most of the downloads originated from the U.S., China, France, Hong Kong, Germany, Russia, Ireland, Singapore, the U.K., and Japan.
All of the packages were found on the Python Package Index (PyPI), the official repository for third-party Python code. The attackers used typosquatting: they registered package names that differ from a popular legitimate package by a single typo, such as a dropped, swapped, or transposed character. A developer who mistypes a name in a pip install command, or copies a mistyped name from a script, ends up installing the attacker's package instead of the one intended.
Once installed, the malicious packages would collect sensitive information from the victim's computer and send it to the attackers, who could then use it for identity theft, fraud, and other crimes.
Checkmarx notified PyPI of the malicious packages, and they have been removed from the repository. The report notes, however, that other malicious packages may still be on PyPI that have not yet been discovered.
To protect yourself from malicious PyPI packages, be careful about what you install. Check the exact spelling of a package name against the project's official documentation or repository before running pip install, and look at the PyPI project page (maintainer, release history, and linked source) rather than relying on the name alone. In projects, pin dependencies to specific versions and hashes in a requirements file so that a typo cannot silently pull in a different package, and keep pip itself up to date so that you benefit from the security improvements added to the tool over time.
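The typosquatting technique described above, and the advice to check names before installing, can be turned into a simple pre-install check. The following is an added example written for this article, not code from Checkmarx or from PyPI: it normalizes package names the way PyPI does (case-insensitive, with runs of hyphens, underscores and dots collapsed to a single hyphen), then flags any name that is one edit or one transposition away from a name on a list of popular packages. The list of popular packages and the requirements lines are constructed samples; a real deployment would load the top PyPI projects by download count instead.

```python
import re

# Constructed sample of "popular" package names (assumption: in practice, load
# the top-N PyPI projects by download count instead of this short list).
POPULAR = ["requests", "urllib3", "numpy", "pandas", "setuptools",
           "pyyaml", "cryptography", "boto3"]


def normalize(name: str) -> str:
    """Normalize a project name as PyPI does: case-insensitive, and any run of
    '-', '_' or '.' becomes a single '-'. So 'PyYAML' and 'py.yaml' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def levenshtein(a: str, b: str) -> int:
    """Edit distance (insert/delete/substitute) between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,             # delete ca
                           cur[j - 1] + 1,          # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def is_transposition(a: str, b: str) -> bool:
    """True if a and b differ only by two adjacent characters swapped
    ('reqeusts' vs 'requests'); edit distance counts that as 2, so check it separately."""
    if len(a) != len(b):
        return False
    diff = [i for i in range(len(a)) if a[i] != b[i]]
    return (len(diff) == 2 and diff[1] == diff[0] + 1
            and a[diff[0]] == b[diff[1]] and a[diff[1]] == b[diff[0]])


def typosquat_candidates(name: str, popular=POPULAR, max_distance: int = 1) -> list:
    """Return the popular packages that `name` looks like a typo of.
    An exact (normalized) match with a popular package returns [] because
    that is the real package, not a lookalike."""
    n = normalize(name)
    hits = []
    for p in popular:
        pn = normalize(p)
        if pn == n:
            return []
        if levenshtein(n, pn) <= max_distance or is_transposition(n, pn):
            hits.append(p)
    return hits


def audit_requirements(lines, popular=POPULAR) -> dict:
    """Scan requirements-file lines and return {requested_name: [lookalikes]}
    for every requirement that resembles a popular package but is not one."""
    findings = {}
    for raw in lines:
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line or line.startswith("-"):     # skip blanks and pip options (-r, -e, ...)
            continue
        m = re.match(r"[A-Za-z0-9][A-Za-z0-9._-]*", line)  # name before ==, >=, [extras], ;
        if not m:
            continue
        name = m.group(0)
        hits = typosquat_candidates(name, popular)
        if hits:
            findings[name] = hits
    return findings


if __name__ == "__main__":
    # Constructed sample requirements file with two typos in it.
    sample = ["requests==2.31.0", "nunpy>=1.26  # typo", "-r base.txt", "", "urlib3", "PyYAML"]
    for bad, looks_like in audit_requirements(sample).items():
        print(f"{bad!r} is one typo away from {looks_like}; verify before installing")
```

Run the check against a requirements file before pip install; an empty result means nothing in the file is a near-miss of a popular name. Note the limits: a distance-1 rule also flags legitimate short names that happen to sit next to a popular one (for example a real "boto" next to "boto3"), so an allowlist of known-good names is needed in practice, and it does not catch lookalikes built by adding a prefix or suffix such as "python-" to a real name, which requires a separate rule.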