Cybersecurity researchers have identified 116 malicious packages on the Python Package Index (PyPI) repository designed to infect Windows and Linux systems with a custom backdoor. Sometimes, the final payload is a variant of the infamous W4SP Stealer, a simple clipboard monitor to steal cryptocurrency, or both, noted investigators.
The packages are estimated to have been downloaded over 10,000 times since May 2023. The threat actors behind the activity have been observed using three techniques
Security researchers have identified more than 20 malicious PyPI packages designed to steal passwords and other sensitive information from the victims’ machines. Investigators are warning of two such packages ‘ultrarequests’ and ‘pyquest’ that were masquerading as ‘requests’, a highly popular open source package. The malicious repositories copied the description from the legitimate package and contained fake statistics. PyPI as an index which allows users to search for packages by keywords o
