ESET Research Discovers Malicious Python Packages on PyPI
ESET Research has uncovered a cluster of malicious Python projects distributed through PyPI, the official Python package repository. These projects target both Windows and Linux systems and typically deliver a custom backdoor. In some instances, the final payload is a variant of the notorious W4SP Stealer, a clipboard monitor that steals cryptocurrency, or both. A different cluster of packages, reported in May 2023, delivered malware aimed at stealing passwords and cryptocurrency; the two campaigns seem to be separate.
Key Findings
- ESET Research discovered 116 malicious packages on PyPI, uploaded across 53 projects.
- These packages have been downloaded over 10,000 times, with a download rate of around 80 per day since May 2023.
- The malware deploys a backdoor capable of remote command execution, exfiltration, and taking screenshots.
- The backdoor component is implemented in Python for Windows and in Go for Linux.
For the full article, visit the ESET Research website.