Malware downloaded from PyPI 41,000 times was surprisingly stealthy

reverse shell to proxy communications with control servers through the Fastly content distribution network. Another technique is DNS tunneling, something that JFrog said it had never seen before in malicious software uploaded to PyPI.

A powerful vector

“Package managers are a growing and powerful vector for the unintentional installation of malicious code, and as we discovered with these 11 new PyPI packages, attackers are getting more sophisticated in their approach, Shachar Menashe, senior director of JFrog research, wrote in an email. “The advanced evasion techniques used in these malware packages, such as novel exfiation or even DNS tunneling (the first we’ve seen in packages uploaded to PyPI) signal a disturbing trend that attackers are becoming stealthier in their attacks on open source software.”

Read 11 remaining paragraphs | Comments

Malware downloaded from PyPI 41,000 times was surprisingly stealthy

A powerful vector

Researchers repaired cells in damaged pig organs an hour after the animal’s death

Amasty Must-Haves Suite for Magento 2

Women in leadership are leaning out (and into a better job)

A 3-Step Guide to Going Global

Amasty Magento 2 PWA Solutions

Swatters used Ring cameras to livestream attacks, taunt police, prosecutors say

Linux and CSS

Fast Domains

TECHNOBABBLE

A powerful vector

Similar Posts