GammaGrove

Loading

Python Q&A site StackExchange hijacked to spread malware disguised as answers

Python Q&A site StackExchange hijacked to spread malware disguised as answers



Researchers from Checkmarx have uncovered a sophisticated campaign in which attackers built credibility within the Python Package Index (PyPI) community to release crypto-draining, data-stealing malware.

Starting a little over a month ago, the attackers uploaded several non-malicious Python packages, such as ‘spl-types,’ to establish credibility and evade detection for a future attack, via the StackExchange Q&A website.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *