Malicious PyPI Packages Stole Cloud Tokens: Over 14,100 Downloads Before Removal
Briefly

Researchers uncovered a malicious campaign aimed at Python Package Index (PyPI) users in which fake libraries posing as 'time' utilities secretly captured sensitive data. ReversingLabs identified 20 packages, downloaded more than 14,100 times in total, that were built to upload data to attacker-controlled infrastructure and exfiltrate cloud secrets. Some of them, such as 'acloud-client' and 'enumer-iam', had been pulled in as dependencies by popular GitHub projects, raising the risk of wider distribution. All of the identified packages have since been removed from PyPI, but the campaign underlines the need for defences against this kind of software-supply-chain threat.
Cybersecurity researchers reported a malicious campaign targeting PyPI users that distributed fake 'time'-related packages designed to steal sensitive data such as cloud access tokens.
ReversingLabs discovered 20 malicious packages, downloaded more than 14,100 times in total, that stole sensitive data under the guise of cloud-related functionality.
Packages such as 'acloud-client' and 'enumer-iam' were listed as dependencies in a popular GitHub project, extending the reach of the malicious code beyond direct installs.
The identified malicious packages have already been removed from the Python Package Index (PyPI), which acted quickly once the campaign was reported.
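Because the article notes that the packages reached users indirectly as dependencies of other projects, a practical defender check is to scan your own requirements files for the reported names. The script below is an added example, not code from the article or from ReversingLabs; it normalizes names per PEP 503 so spelling variants such as 'ACloud_Client' or 'enumer.iam' are still matched, and the sample requirements file is constructed for illustration.

```python
from __future__ import annotations
import re

# Package names the article reports as malicious (since removed from PyPI).
KNOWN_MALICIOUS = {"acloud-client", "enumer-iam"}

def normalize(name: str) -> str:
    """PEP 503 normalization: case-fold and collapse runs of '-', '_' and '.' to '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()

# Project name at the start of a PEP 508 requirement, before any extras ([...]),
# version specifier, '@ url' or environment marker.
_REQ_NAME = re.compile(r"^\s*([A-Za-z0-9](?:[A-Za-z0-9._-]*[A-Za-z0-9])?)")

def requirement_name(line: str) -> str | None:
    """Return the normalized project name from one requirements line, or None."""
    line = line.split("#", 1)[0].strip()           # drop trailing comments
    if not line or line.startswith(("-", "http://", "https://", "git+")):
        return None                                 # pip options, bare URLs, empty lines
    m = _REQ_NAME.match(line)
    return normalize(m.group(1)) if m else None

def find_flagged(requirements_text: str, blocklist=KNOWN_MALICIOUS) -> list[tuple[int, str]]:
    """Return (line_number, normalized_name) for every requirement on the blocklist."""
    wanted = {normalize(n) for n in blocklist}
    hits = []
    for lineno, raw in enumerate(requirements_text.splitlines(), start=1):
        name = requirement_name(raw)
        if name in wanted:
            hits.append((lineno, name))
    return hits

# Constructed sample requirements file; the hosts and projects are placeholders.
SAMPLE = """\
requests>=2.31
ACloud_Client==1.0.2      # non-normalized spelling of a reported package
boto3[crt]~=1.34 ; python_version >= "3.9"
-e git+https://example.invalid/repo.git#egg=internal-tool
enumer.iam @ https://example.invalid/enumer_iam-0.1.tar.gz
pytz
"""

if __name__ == "__main__":
    for lineno, name in find_flagged(SAMPLE):
        print(f"line {lineno}: dependency '{name}' is on the malicious-package list")
```

Running the block against a real requirements.txt means replacing SAMPLE with the file's contents; lock files such as poetry.lock or Pipfile.lock need a different parser since their formats are not line-based.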
Read at The Hacker News