Python Q&A site StackExchange hijacked to spread malware disguised as answers

0
14

Researchers from Checkmarx have uncovered a sophisticated campaign in which attackers built credibility within the Python Package Index (PyPI) community to release crypto-draining, data-stealing malware.

Starting a little over a month ago, the attackers uploaded several non-malicious Python packages, such as ‘spl-types,’ to establish credibility and evade detection for a future attack, via the StackExchange Q&A website.

LEAVE A REPLY

Please enter your comment!
Please enter your name here