Malicious PyPi packages turn Discord into password-stealing malware
Date:
Fri, 19 Aug 2022 18:42:56 +0000
Description:
PyPi abused by threat actors to distribute malware that steals Discord and browser data.
FULL STORY ======================================================================
Python developers are under attack once again, with attackers looking to steal Discord account details along with data stored in various browsers.
Cybersecurity researchers from Snyk have recently spotted a dozen malicious packages, uploaded to PyPi, the biggest Python code repository out there,
with more than 600,000 active users.
The packages were uploaded almost a month ago, by a threat actor called scarycoder. They claim to provide the users with various functionalities, Roblox tools, thread management, and others. Instead, the researchers have found, all the packages do is steal sensitive information.
Stealing passwords
Different packages are capable of stealing different things. Some are focused on data stored in browsers such as Google Chrome, Chromium, Microsoft Edge, Firefox, and Opera. The data includes stored passwords, browser history, cookies, and search history. Others are installing backdoors directly into the Discord client, stealing authentication tokens, Nitro status, billing information, and credit card data.
One of the malicious programs attacks Roblox, it was further said, stealing account cookies, user IDs, Robux balance, and Premium status.
PyPi's administrators are relatively slow to respond, the publication states, adding that it's probably not due to negligence, but rather due to the fact that the entire project is run by a handful of volunteers who simply can't keep up with a tidal wave of malware uploads.
Still, the slow response means many Python developers will remain exposed to various viruses, malware, and other forms of attacks.
Experts from Spectralops recently found 10 malicious packages on the PyPi platform. All of these were given names that are almost identical to the names of legitimate packages in order to dupe developers into downloading, and adopting, the tainted ones. The practice is called typosquatting, and it's quite a common occurrence in the developer community.
Via: BleepingComputer
======================================================================
Link to news story:
https://www.techradar.com/news/malicious-pypi-packages-turn-discord-into-password-stealing-malware/
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)