An Interest In:
Web News this Week
- April 25, 2024
- April 24, 2024
- April 23, 2024
- April 22, 2024
- April 21, 2024
- April 20, 2024
- April 19, 2024
October 27, 2018 07:34 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/8buBCbDZTLM/twelve-malicious-python-libraries-found-and-removed-from-pypi
Twelve Malicious Python Libraries Found and Removed From PyPI
An anonymous reader writes:A software security engineer has identified 12 Python libraries uploaded on the official Python Package Index (PyPI) that contained malicious code. The 12 packages used typo-squatting in the hopes a user would install them by accident or carelessness when doing a "pip install" operation for a mistyped more popular package, like Django (ex: diango). Eleven libraries would attempt to either collect data about each infected environment, obtain boot persistence, or even open a reverse shell on remote workstations. A twelfth package, named "colourama," was financially-motivated and hijacked an infected users' operating system clipboard, where it would scan every 500ms for a Bitcoin address-like string, which it would replace with the attacker's own Bitcoin address in an attempt to hijack Bitcoin payments/transfers made by an infected user. 54 users downloaded that package -- although all 12 malicious packages have since been taken down. Four of the packages were misspellings of django -- diango, djago, dajngo, and djanga.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/8buBCbDZTLM/twelve-malicious-python-libraries-found-and-removed-from-pypi
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot