Malicious Python Packages Target Developers

Highly invasive malware, which targets software developers, has been downloaded thousands of times in the last eight months, according to researchers at Checkmarx.

The tools are disguised as legitimate Python obfuscation tools, says Dan Goodin, with the most recent released last month by the name of "pyobfgood." Once executed, he says, the tool “installs a payload, giving the attacker almost complete control of the developer’s machine.” For example, the tools can:

  • Steal passwords from the Chrome web browser
  • Set up a keylogger
  • Download files from the victim's system
  • Capture screenshots and record both screen and audio

Yehuda Gelb at Checkmarx notes, “Developers who engage in code obfuscation are likely working with valuable and sensitive information. As a result, hackers see them as valuable targets to pursue.”

Read more at Ars Technica.

Contact FOSSlife to learn about partnership and sponsorship opportunities.

FOSSlife Newsetter