Cryptominer-spreading PyPI packages target Linux systems

Threat actors have sought to compromise Linux systems with the CoinMiner cryptocurrency mining malware through three novel malicious Python Package Index (PyPI) packages, which were cumulatively downloaded 431 times before being removed from the PyPI repository, reports The Hacker News. The new packages, namely catdash, driftme, and modularseven, resemble the culturestreak package used for cryptominer deployment in a previous campaign in the hosting locations of their configuration files and coin mining executables. However, all of the new packages had their illicit functionality hidden within the shell script to better bypass detection, with malicious commands injected into the ~/.bashrc file, according to a report from Fortinet FortiGuard Labs.

Source: SC Magazine

 

