2025-09-22 Update From: SLTechnology News&Howtos
Shulou(Shulou.com)11/24 Report--
CTOnews.com, October 23 (Xinhua)-- Security company Checkmarx found that attackers have launched a new wave of PyPI "copycat" malicious package attacks, mainly targeting users of Aliyun (Alibaba Cloud) and Amazon AWS.
Since September this year, security companies have detected attackers "poisoning" the official PyPI repository by uploading a series of malicious packages. The malicious code in these packages does not run automatically when the user installs the package; it runs only when the user calls a specific function of the package.
▲ Image source: Checkmarx
Checkmarx believes that because many security analysis tools only scan for malicious code that runs automatically, packages that launch their malicious code only through a specific function are hard to detect.
CTOnews.com learned from the report that, for example, a malicious package named Telethon2 in the official PyPI repository is a "fake" version of the genuine Telethon, and it has been downloaded more than 6900 times.
▲ Image source: Checkmarx
Checkmarx found that in this malicious package "Telethon2", the attacker did not make the malicious code start after installation, but instead embedded two lines of instructions in telethon/client/messages.py so that the malicious code starts when the user sends a message.
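The detection gap described above (scanners that only look at code which runs on install or import) can be closed by scanning every function body for suspicious calls and reporting which function encloses each one. The following is an added example, not code from Checkmarx or the article; the SAMPLE module is a constructed stand-in for a tampered messages.py (the BLOB name is undefined on purpose, as the text is only parsed, never executed), and the SUSPICIOUS list is an assumed starting set.

```python
import ast

# Constructed stand-in for a tampered telethon/client/messages.py. It is only
# parsed, never executed, so the undefined BLOB name does not matter.
SAMPLE = '''\
import base64
class MessageMethods:
    async def send_message(self, entity, message):
        payload = base64.b64decode(BLOB)
        exec(payload)
        return await self._send(entity, message)
'''

# Callees worth a human look when they sit inside an ordinary API function.
SUSPICIOUS = {
    "exec", "eval", "compile", "__import__", "base64.b64decode",
    "urllib.request.urlopen", "subprocess.run", "subprocess.Popen", "os.system",
}

def callee_name(node):
    """Render a call target as dotted text, e.g. 'base64.b64decode'."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None  # computed or subscripted callee: not matched by name

class SleeperScanner(ast.NodeVisitor):
    """Record suspicious calls together with the function enclosing them."""
    def __init__(self, filename):
        self.filename, self.stack, self.findings = filename, [], []
    def visit_FunctionDef(self, node):
        self.stack.append(node.name)  # track which API function we are inside
        self.generic_visit(node)
        self.stack.pop()
    visit_AsyncFunctionDef = visit_FunctionDef
    def visit_Call(self, node):
        name = callee_name(node.func)
        if name in SUSPICIOUS:
            where = self.stack[-1] if self.stack else "<module level>"
            self.findings.append((self.filename, where, node.lineno, name))
        self.generic_visit(node)

def find_sleeper_calls(source, filename="<module>"):
    """Return (file, enclosing function, line, callee); '<module level>' fires on import."""
    scanner = SleeperScanner(filename)
    scanner.visit(ast.parse(source, filename))
    return scanner.findings
```

A finding attributed to a function name rather than "<module level>" is exactly the case the article describes: code that stays dormant until the user calls that API.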
To entice developers, the attackers not only rely on look-alike names (typosquatting) but also make these "fake" packages look "quite popular".
Since developers often consult GitHub statistics when choosing packages, the attackers deliberately link the fake PyPI packages to unrelated projects on GitHub, making developers mistakenly believe the packages are well received and lowering their guard.