Malicious Packages Hidden in PyPI

    Date: 08/01/2024

    Severity: High 

    Summary

    The FortiGuard Labs team has identified a malicious PyPI package affecting all platforms where PyPI packages are installed. This poses a major risk to anyone who has installed it, potentially leading to credential and sensitive information leaks. Due to the severity of the threat, it’s essential to address this specific PyPI package. This report outlines its impacts and stresses the need for careful security practices in managing software dependencies.

    Indicators of Compromise (IOC) List

        Hash

    348ee268ef62af51add78b46df9fe8e2bdf41166d19084af75498333e81e6f3b

    Gurucul Threat Detection and Incident Response (TDIR) Queries for Detection

          Hash 

    sha256hash IN ("348ee268ef62af51add78b46df9fe8e2bdf41166d19084af75498333e81e6f3b")
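
    An added example (not part of the original advisory, nor FortiGuard's or Gurucul's tooling): a host-side sweep that applies the same SHA-256 match as the query above to files on disk. The advisory does not say which artifact the hash belongs to, so hashing every regular file under the chosen roots, and the default roots themselves, are assumptions.

```python
import hashlib
import os
import sys

# SHA-256 from the IOC list above. The advisory does not say which artifact
# (sdist, wheel or extracted file) it belongs to, so every regular file is hashed.
IOC_SHA256 = frozenset({
    "348ee268ef62af51add78b46df9fe8e2bdf41166d19084af75498333e81e6f3b",
})


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large archives are not loaded into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def sweep(roots, iocs=IOC_SHA256):
    """Return (matches, unreadable) for all regular files under the given roots."""
    wanted = {h.lower() for h in iocs}
    matches, unreadable = [], []
    for root in roots:
        for dirpath, _dirs, files in os.walk(root, followlinks=False):
            for name in files:
                path = os.path.join(dirpath, name)
                if os.path.islink(path) or not os.path.isfile(path):
                    continue  # skip symlinks, sockets and FIFOs
                try:
                    file_hash = sha256_file(path)
                except OSError:
                    unreadable.append(path)  # an unscanned file is a coverage gap
                    continue
                if file_hash in wanted:
                    matches.append((path, file_hash))
    return matches, unreadable


if __name__ == "__main__":
    # Default roots are an assumption: the interpreter's import paths that are directories.
    roots = sys.argv[1:] or [p for p in sys.path if os.path.isdir(p)]
    hits, skipped = sweep(roots)
    for path, file_hash in hits:
        print(f"MATCH {file_hash} {path}")
    for path in skipped:
        print(f"UNREADABLE {path}", file=sys.stderr)
    sys.exit(1 if hits else 0)
```

    Pass extra directories as arguments to cover pip caches, virtual environments and download folders; the exit status is 1 when any file matches.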

    Reference:

    https://www.fortinet.com/blog/threat-research/malicious-packages-hidden-in-pypl 

     
