ShiftDelete.net
FOLLOW US

Malware detected in PyPI Python packages

4 different malware detected in Python Package Index (PyPI).These malicious software with dangerous actions've been downloaded by many users.

Malware detected in PyPI Python packages

Researchers found that the malware infected 4 Python Package Index (PyPI). These malicious software can make some changes to the computer on which it is installed.

It can take a number of dangerous actions. Dropping malware, deleting the netstat utility, and manipulating the SSH authorized_keys file. Unfortunately, these packages were downloaded by many users until the spyware was detected.

Packages containing malware have been downloaded 450 times!

When attention is paid to their names, it is seen that these names were not chosen by chance. aptx is a copyrighted product of Qualcomm. It basically aims to transmit sound losslessly. httops, on the other hand, is similar in name to https, which we are all familiar with. tkint3rs is an imitation of tkinter.

malware

“Most of these packages had well thought out names, to purposely confuse people,” security researcher and journalist Ax Sharma said. An analysis of the malicious code injected in the setup script reveals the presence of an obfuscated Meterpreter payload that’s disguised as “pip,” a legitimate package installer for Python which can be leveraged to gain shell access to the infected host.

It also takes steps to remove the netstat command line utility used to monitor network configuration and activity and modify the .ssh/authorized_keys file to install an SSH backdoor for remote access.

FortiGuard Labs is the threat intelligence and research organization at Fortinet. They’re uncovering five different Python packages. These are web3-essential, 3m-promo-gen-api, ai-solver-gen, hypixel-coins, httpxrequesterv2, and httpxrequester to infiltrate the system and access sensitive information they are designed.

Python is a popular, constantly updated programming language suitable for data processing and cyber security. Widely used by many corporate companies and start-ups. Python may have been chosen as a target because it is also a popular language among cybersecurity professionals. What do you think about this subject? Please share your opinion with us in the comments!

SDN Comments 0 Comments

Comment

ADVERTISEMENT

Related News

Analysts are confused! Netflix announced how much money it made
Analysts are confused! Netflix announced how much money it made
iqoo-neo-9s-pro-leaked-before-launch
iQOO Neo 9s Pro leaked again
Zuckerberg is now challenging ChatGPT! Meta AI is out
Zuckerberg is now challenging ChatGPT! Meta AI is out
The change that drove WhatsApp users crazy rolled back!
The change that drove WhatsApp users crazy rolled back!

SDN Network

Sihirli Elma Yeşil Robot Tech Inside Pembe Teknoloji Co-Founder.Work Future Flow Life

SDN.net

1250 BORREGAS AVENUE, #40, SUNNYVALE, CA
94089 ShiftDelete.Net LLC

[email protected]

Shiftdelete.Net is a member of the Association of Internet Media and IT Reporters.

We want to keep you updated with notifications.