Summary:
- A cluster of malicious Python projects has been discovered on PyPI, the official Python package repository.
- These projects target both Windows and Linux systems and often contain a custom backdoor.
- In total, 116 malicious packages were found in 53 projects on PyPI.
- These packages have been downloaded over 10,000 times in the past year.
- The malicious code is bundled into Python packages using three different techniques: a test.py script, PowerShell embedded in the setup.py file, and obfuscated code in the __init__.py file.
- PyPI has already removed most of the malicious packages.
- Python developers should thoroughly vet the code they download before installing it on their systems.
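One way to act on that advice is to triage an unpacked source distribution before running `pip install` on it. The script below is an added example, not code from the article or from any of the projects it describes; it looks for the three bundling patterns named above (a test.py script, PowerShell in setup.py, decode-and-exec obfuscation in __init__.py), and the regexes, thresholds and the constructed sample package are assumptions made for illustration.

```python
"""Pre-install triage of an unpacked Python sdist (added example, not from the article)."""
import re, tempfile
from pathlib import Path

# Patterns are assumptions: strings a reviewer would flag on sight, not the article's IoCs.
POWERSHELL = re.compile(r"powershell(\.exe)?|-EncodedCommand", re.I)
EXEC_SINK = re.compile(r"\b(exec|eval)\s*\(|subprocess\.|os\.system\(")
DECODER = re.compile(r"base64\.b64decode|zlib\.decompress|marshal\.loads")

def _read(path: Path) -> str:
    return path.read_text(errors="replace") if path.is_file() else ""

def triage_sdist(root) -> list:
    """Return 'file: reason' strings for the three bundling patterns in the summary."""
    root = Path(root)
    findings = []
    setup_src = _read(root / "setup.py")
    if POWERSHELL.search(setup_src):
        findings.append("setup.py: embedded PowerShell invocation")
    if EXEC_SINK.search(setup_src):
        findings.append("setup.py: runs commands or dynamic code at install time")
    if "test.py" in setup_src or (root / "test.py").is_file():
        findings.append("test.py: present or referenced from setup.py; read it first")
    for init in sorted(root.rglob("__init__.py")):
        src, rel = _read(init), init.relative_to(root)
        if DECODER.search(src) and EXEC_SINK.search(src):
            findings.append(f"{rel}: decodes a blob and executes it (obfuscation pattern)")
        elif any(len(line) > 500 for line in src.splitlines()):
            findings.append(f"{rel}: very long line, possible packed payload")
    return findings

def make_sample_sdist(malicious: bool = True) -> Path:
    """Write a constructed sdist (not a real package) to a temp dir; nothing in it is run."""
    root = Path(tempfile.mkdtemp())
    (root / "pkg").mkdir()
    if malicious:
        (root / "setup.py").write_text(
            "import subprocess\nsubprocess.run(['powershell', '-EncodedCommand', 'AAAA'])\n"
            "exec(open('test.py').read())\nfrom setuptools import setup\nsetup(name='pkg')\n")
        (root / "test.py").write_text("print('placeholder stand-in for a dropped script')\n")
        (root / "pkg" / "__init__.py").write_text(
            "import base64\nexec(base64.b64decode('cHJpbnQoJ2hpJyk='))\n")  # decodes to print('hi')
    else:
        (root / "setup.py").write_text("from setuptools import setup\nsetup(name='pkg')\n")
        (root / "pkg" / "__init__.py").write_text("__version__ = '1.0'\n")
    return root

if __name__ == "__main__":
    for line in triage_sdist(make_sample_sdist()):
        print(line)
```

Point `triage_sdist` at the directory left by `pip download --no-binary :all: <name>` after extracting the tarball; an empty result means none of the three patterns matched, not that the package is safe.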
Hashtags:
#CyberSecurity #CyberSecurityNews #Windows