Malicious PyPI Packages Steal Credentials

MalBot @ Malware Analysis, News and Indicators

Malicious PyPI Packages Steal Credentials - 5d

Read more: malware.news

Researchers have identified two malicious packages, zebo and cometlogger, on the Python Package Index (PyPI) repository. These packages are designed to steal sensitive information such as login credentials and social media accounts from compromised systems. The malicious code was actively downloaded by users. The incident highlights the increasing need for vigilance when using open-source software and the potential for supply chain attacks.

References:

The Hacker News - The Hacker News reports on researchers uncovering PyPI packages stealing keystrokes and hijacking social accounts. - 6d
Techzine Global - Two malicious Python packages revealed by FortiGuard Labs - 6d
CISO2CISO.COM & CYBER SECURITY GROUP - Python Malware in Zebo-0.1.0 and Cometlogger-0.1 Found Stealing User Data – Source:hackread.com - 5d
ciso2ciso.com - Python Malware in Zebo-0.1.0 and Cometlogger-0.1 Found Stealing User Data – Source:hackread.com - 4d
osint10x.com - Researchers Uncover PyPI Packages Stealing Keystrokes and Hijacking Social Accounts - 4d
securityonline.info - PyPI Poisoned: “Zebo” and “Cometlogger” Downloaded Hundreds of Times - 4d

Classification:

HashTags: PyPI Malware SupplyChain
Company: PyPI
Target: Python developers
Product: PyPI
Feature: malicious package
Type: Malware
Severity: Medium

FlagThis

Malicious PyPI Packages Steal Credentials - 5d

References:

Classification: