Python Package Index Hit by Supply-Chain Attack

Cybersecurity researchers have discovered a sophisticated supply-chain attack targeting Python developers through a malicious package on the Python Package Index (PyPI). The package, named 'spellcheckers', contains a multi-layered encrypted backdoor designed to steal cryptocurrency information and establish remote access. The attackers have expanded their operations to the PyPI repository, targeting developers who unknowingly install the compromised package. The malicious package mimics the legitimate 'pyspellchecker' library and has been downloaded over 950 times, potentially compromising hundreds of developer systems.
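A defender's check for the name confusion described above, added here as an example and not taken from the researchers' report: it scans requirements-style text and the installed distributions for 'spellcheckers' and for other names resembling 'pyspellchecker'. The two package names come from the article; the "lookalike" substring heuristic and the sample input are constructed assumptions.

```python
import re
from importlib import metadata

MALICIOUS = {"spellcheckers"}    # package name reported in the article
LEGITIMATE = "pyspellchecker"    # library the article says it mimics

def normalize(name):
    """PEP 503 normalization: lowercase, runs of '-', '_', '.' become '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()

def classify(name):
    """Return 'known-malicious', 'lookalike' (needs manual review) or None."""
    n = normalize(name)
    if n in MALICIOUS:
        return "known-malicious"
    # Assumed heuristic: any other name built around "spellcheck" that is not
    # the legitimate project. Other real projects can match; review, do not
    # treat a 'lookalike' verdict as proof of compromise.
    if n != LEGITIMATE and "spellcheck" in n.replace("-", ""):
        return "lookalike"
    return None

_NAME = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)")

def scan_requirements(text):
    """Return [(line_no, normalized_name, verdict)] for flagged requirement lines."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        line = re.sub(r"(^|\s)#.*$", "", line).strip()   # drop comments
        if not line or line.startswith("-"):             # skip options like -r
            continue
        m = _NAME.match(line)   # name ends before extras or version specifiers
        if m and classify(m.group(1)):
            findings.append((no, normalize(m.group(1)), classify(m.group(1))))
    return findings

def scan_installed():
    """Return [(normalized_name, verdict)] for flagged installed distributions."""
    names = (d.metadata["Name"] for d in metadata.distributions())
    return [(normalize(n), classify(n)) for n in names if n and classify(n)]

# Constructed sample input, not taken from any real project.
SAMPLE = """# constructed sample
requests>=2.31
pyspellchecker
SpellCheckers[extra]==1.0  # typo of the intended dependency
spell_checkers
-r other.txt
"""

if __name__ == "__main__":
    print(scan_requirements(SAMPLE))
    print(scan_installed())
```
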

Latest mentioned: 11-24
Earliest mentioned: 11-24