Malicious Python packages targets developers

Image via Pixabay

New research recently released reveals an increase in malicious code disguised as Python obfuscation packages.

In the realm of software development, open-source tools and packages play a pivotal role in simplifying tasks and accelerating development processes. However, as the community grows, so does the number of bad actors looking to exploit it, which includes developers being targeted by seemingly legitimate Python obfuscation packages that harbor malicious code.

New research released by Checkmarx says the malicious payload — called “BlazeStealer” — activates upon installation, receives an additional malicious script from an external source and enables a Discord bot that gives attackers complete control over the victim’s computer.

Percentage distribution of total downloads of the malicious package by country

United States — 69.2%
China — 12.4%
Russia — 5.5%
Other — 3.8%
Ireland — 3%
Hong Kong — 1.6%
Croatia — 1.6%
France — 1.4%
Spain — 1.4%

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.