Python Q&A site StackExchange hijacked to spread malware disguised as answers

Researchers from Checkmarx have uncovered a sophisticated campaign in which attackers built credibility within the Python Package Index (PyPI) community to release crypto-draining, data-stealing malware. Starting a little over a month ago, the attackers uploaded …

Python Q&A site StackExchange hijacked to spread malware disguised as answers



tfTPM2h23pWZ3334EbhVKT

Researchers from Checkmarx have uncovered a sophisticated campaign in which attackers built credibility within the Python Package Index (PyPI) community to release crypto-draining, data-stealing malware.

Starting a little over a month ago, the attackers uploaded several non-malicious Python packages, such as ‘spl-types,’ to establish credibility and evade detection for a future attack, via the StackExchange Q&A website.



Source link

Leave a Comment

Index