Malicious PyPI packages hijack dev devices to mine cryptocurrency

LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Content source
https://www.bleepingcomputer.com/news/security/malicious-pypi-packages-hijack-dev-devices-to-mine-cryptocurrency/
This week, multiple malicious packages were caught in the PyPI repository for Python projects that turned developers' workstations into cryptomining machines.
All malicious packages were published by the same account and tricked developers into downloading them thousands of times by using misspelled names of legitimate Python projects.
Click to expand...
 
  • Like
  • +Reputation
Reactions: Venustus, Andy Ful, Vasudev and 5 others
You must log in or register to reply here.

Similar threads

vtqhtr413
    • +Reputation
    • Like
Fake VMware vConnector package on PyPI targets IT pros
Replies
2
Views
1,489
News Archive
[correlate]
[correlate]
silversurfer
    • Like
    • +Reputation
    • Thanks
Malicious ‘Lolip0p’ PyPi packages install info-stealing malware
Replies
2
Views
667
News Archive
[correlate]
[correlate]
upnorth
    • Wow
    • Like
    • +Reputation
US govt demands data on PyPI developers
Replies
1
Views
865
News Archive
Zero Knowledge
Z

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top