241 npm and PyPI Packages Caught Dropping Linux Cryptominers
More than 200 malicious packages have been discovered infiltrating the PyPI and npm open source registries this week.
These packages are largely typosquats of widely used libraries, and each one downloads a Bash script onto Linux systems that installs and runs cryptominers.
Researchers have caught at least 241 malicious npm and PyPI packages that drop cryptominers after infecting Linux machines.
These packages are typosquats of popular open source libraries and commands such as React, argparse, and AIOHTTP; instead of providing the expected functionality, they download and install cryptomining Bash scripts from the threat actor's server.
On Wednesday, software developer and researcher Hauke Lübbers reported coming across "at least 33 projects" on PyPI that all launched XMRig, an open source Monero cryptominer, after infecting a system.
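The campaign described above relies on package names that look like popular libraries (React, argparse, AIOHTTP). One defensive control a practitioner can put in a CI pipeline is a typosquat screen: compare every dependency name in a manifest against a list of well-known packages and flag names that are one edit or one adjacent-character swap away. The following is an added example written for this article, not code from the researchers or the registries it mentions; the popular-package lists and the sample manifests are constructed for illustration, and a real deployment would load the top-N names from each registry.

```python
"""Typosquat screening for dependency manifests (added example, not from the article)."""
from __future__ import annotations

import re

# Constructed allow-list of well-known names to protect. The article names React,
# argparse and AIOHTTP as impersonated libraries; the rest are illustrative.
POPULAR = {
    "npm": {"react", "express", "lodash", "axios"},
    "pypi": {"argparse", "aiohttp", "requests", "numpy"},
}


def normalize(name: str) -> str:
    """Lower-case and map runs of '-', '_' and '.' to '-' (PEP 503 style).

    This makes 'AIOHTTP' and 'aiohttp' compare equal while keeping 'aio-http'
    distinct from 'aiohttp', since those really are different package names.
    """
    return re.sub(r"[-_.]+", "-", name).lower()


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance (insert, delete, substitute) via the standard DP."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_transposition(a: str, b: str) -> bool:
    """True if a and b differ only by one adjacent swap, e.g. 'raect' vs 'react'.

    Plain Levenshtein scores that as distance 2, so it is checked separately.
    """
    if len(a) != len(b):
        return False
    diffs = [i for i in range(len(a)) if a[i] != b[i]]
    return (
        len(diffs) == 2
        and diffs[1] == diffs[0] + 1
        and a[diffs[0]] == b[diffs[1]]
        and a[diffs[1]] == b[diffs[0]]
    )


def find_typosquat_candidates(name: str, registry: str, max_distance: int = 1) -> list[str]:
    """Return the popular names that `name` closely resembles without matching exactly.

    An exact match means the dependency is the genuine package, so nothing is flagged.
    """
    n = normalize(name)
    hits: list[str] = []
    for popular in POPULAR[registry]:
        p = normalize(popular)
        if n == p:
            return []
        if edit_distance(n, p) <= max_distance or is_transposition(n, p):
            hits.append(popular)
    return sorted(hits)


def screen_manifest(deps: list[str], registry: str) -> dict[str, list[str]]:
    """Map each suspicious dependency to the popular packages it resembles."""
    return {d: hits for d in deps if (hits := find_typosquat_candidates(d, registry))}


if __name__ == "__main__":
    # Constructed sample manifests; 'reacr', 'aixos', 'argparze' and 'aio-http'
    # stand in for the kind of look-alike names the article describes.
    print(screen_manifest(["reacr", "lodash", "aixos"], "npm"))
    print(screen_manifest(["argparze", "aio-http", "requests"], "pypi"))
```

The screen is deliberately conservative (distance 1 plus transpositions) to keep false positives low; a real pipeline would also treat a flagged name as a blocker, not just a warning, and pair this check with inspection of install-time hooks (npm lifecycle scripts, `setup.py` code), since name similarity alone does not prove malice.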