North Korean Hackers Launches New Attack on PyPI Repositories

IndustryTrends

As part of the continuing VMConnect malicious software supply chain effort, security researchers uncovered three more rogue Python packages in the PyPI repository.

These packages, dubbed tableeditor, request-plus, and requestspro, were discovered to be part of a campaign.

ReversingLabs, discovered that the threat actors behind VMConnect are impersonating respectable programmes like prettytable and requests.

The tablediter package contains malicious code that runs in an infinite execution loop and visits a remote server on a regular basis.

Notably, the malicious code is no longer activated immediately after the installation of the tablediter.

Join our WhatsApp Channel to get the latest news, exclusives and videos on WhatsApp

                                                                                                       _____________                                             

Disclaimer: Analytics Insight does not provide financial advice or guidance on cryptocurrencies and stocks. Also note that the cryptocurrencies mentioned/listed on the website could potentially be scams, i.e. designed to induce you to invest financial resources that may be lost forever and not be recoverable once investments are made. This article is provided for informational purposes and does not constitute investment advice. You are responsible for conducting your own research (DYOR) before making any investments. Read more about the financial risks involved here.

Read More Stories