Beware: 3 Malicious PyPI Packages Found Targeting Linux with Crypto Miners

Three new malicious packages that can install a Bitcoin miner on vulnerable Linux computers have been found in the Python Package Index (PyPI) open-source repository.

Before being removed, the three malicious packages—driftme, catme, and modulareven—had received 431 downloads in the previous month.

The campaign has similarities to a previous campaign that used a program named culture streak to run a cryptocurrency miner. “These packages, upon initial use, deploy a CoinMiner executable on Linux devices,” Fortinet FortiGuard Labs researcher Gabby Xiong said.

The malicious code is contained in the init.py file, which decodes and receives the first stage from a remote server read more Malicious PyPI Packages Found Targeting Linux with Crypto Miners.

Get up to date on the latest cybersecurity news and enhance your knowledge of cybersecurity with our thorough coverage of the dangers, breaches, and solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *