2 August 2021
This article has been indexed from E Hacking News – Latest Hacker News and IT Security News
Software package repositories have become a frequent target for supply chain attacks, and reports of malicious packages on prominent repositories such as npm, PyPI, and RubyGems have surfaced repeatedly in recent months. Developers generally trust these repositories and install packages from them on the assumption that what they host is safe.
Malicious packages can be uploaded to a public repository, letting attackers use the repository itself as a distribution channel for malware and mount attacks on both developer workstations and the CI/CD machines in the build pipeline.
Eight Python packages containing malicious code, downloaded more than 30,000 times in total, have been removed from PyPI, demonstrating once again that software package repositories have become a popular staging ground for supply chain attacks.
The lack of moderation and automated security checks in public software repositories allows even relatively unsophisticated attackers to use them as a base for distributing malware, whether through typosquatting, dependency confusion, or simple social engineering.
PyPI is Python's primary third-party software repository; package managers such as pip use it as their default source for packages and dependencies.
Several of the packages could have served as a foothold for more complex attacks, allowing the attacker to execute code remotely on the target machine, collect network information, steal credit card details and passwords autosaved in browsers such as Chrome and Edge, and in some cases even steal D
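As an added example (this code is not from the original article or from PyPI or pip), the following Python script shows what a pre-install audit for the two repository attack patterns named above looks like: it flags requested package names that are one or two edits away from a well-known name (typosquatting) and flags internal-only package names when pip's configuration still lets the public index compete for them (dependency confusion). The popular-package list, the internal package names, the requirements file and the pip.conf bodies are all constructed for illustration; a real deployment would derive the lists from its own lock files and index.

```python
# Added example: pre-install audit for typosquatting and dependency
# confusion. Not part of the original article; all inputs below are
# constructed for illustration.
import re

# Assumption: a sample of widely used PyPI names. In practice generate this
# from your lock files or PyPI download statistics instead of hard-coding.
POPULAR_PACKAGES = [
    "requests", "urllib3", "setuptools", "numpy", "pandas", "django",
    "flask", "cryptography", "boto3", "pyyaml", "six", "certifi",
]

# Assumption: names the organisation publishes only on its internal index.
INTERNAL_PACKAGES = {"acme-billing", "acme-auth"}

# Constructed sample requirements.txt.
REQUIREMENTS = """# constructed sample requirements.txt
requests==2.25.1
requsts            # typo of requests
Numpy>=1.20
djnago
acme-billing       # internal-only package
-r base.txt
"""

# Constructed pip.conf bodies. With extra-index-url, pip still consults
# PyPI for every name and takes the highest version it finds anywhere, so
# an attacker who registers "acme-billing" on PyPI with a high version wins.
PIP_CONF_WEAK = """[global]
index-url = https://pypi.org/simple
extra-index-url = https://pkgs.example.internal/simple
"""

# Corrected form: a single index. Assumption: the internal index proxies
# the public packages the organisation needs, so PyPI is never asked directly.
PIP_CONF_FIXED = """[global]
index-url = https://pkgs.example.internal/simple
"""


def normalise(name):
    """PEP 503 name normalisation: case-insensitive; runs of -, _ and . are one '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def levenshtein(a, b):
    """Edit distance with insert, delete and substitute, each costing 1."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def parse_requirements(text):
    """Return the bare project names from a requirements.txt body,
    dropping comments, blank lines and option lines such as -r / -e."""
    names = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line or line.startswith("-"):
            continue
        m = re.match(r"[A-Za-z0-9][A-Za-z0-9._-]*", line)
        if m:
            names.append(m.group(0))
    return names


def typosquat_candidates(names, popular=POPULAR_PACKAGES):
    """Map each requested name that is close to, but not equal to, a popular
    name onto that popular name. Exact matches are fine; near misses are the
    typosquatting pattern. Short names tolerate only one edit, otherwise
    almost any short name would be flagged."""
    popular_norm = sorted({normalise(p) for p in popular})
    hits = {}
    for name in names:
        n = normalise(name)
        if n in popular_norm:
            continue
        limit = 1 if len(n) <= 5 else 2
        # Closest popular name; ties broken alphabetically so output is stable.
        best = min(popular_norm, key=lambda p: (levenshtein(n, p), p))
        if levenshtein(n, best) <= limit:
            hits[name] = best
    return hits


def dependency_confusion_risk(names, pip_conf, internal=INTERNAL_PACKAGES):
    """Return the internal-only names at risk: any of them when pip_conf
    keeps the public index in play via extra-index-url, otherwise none."""
    if "extra-index-url" not in pip_conf:
        return []
    internal_norm = {normalise(i) for i in internal}
    return sorted(n for n in names if normalise(n) in internal_norm)


if __name__ == "__main__":
    names = parse_requirements(REQUIREMENTS)
    print("typosquat candidates:", typosquat_candidates(names))
    print("confusion risk (weak pip.conf):", dependency_confusion_risk(names, PIP_CONF_WEAK))
    print("confusion risk (fixed pip.conf):", dependency_confusion_risk(names, PIP_CONF_FIXED))
```

The edit-distance check is deliberately conservative: it only reports a name that is *not* an exact match for a popular package, so legitimate pins pass, and the threshold shrinks for short names to keep the noise down. The dependency confusion check reduces to one rule because that is the whole weakness: as long as a public index is listed at all, pip has no notion of index priority and resolves by version number.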
[…]
Read the original article: Malevolent PyPI Packages Detected Filching Developer Data