Malicious PyPI package opens backdoors on Windows, Linux, and Macs

Advisories

Discover Hacks/Cracks News

Malicious PyPI package opens backdoors on Windows, Linux, and Macs

22.Lock ScreenEffect

Yet another malicious Python package has been spotted in the PyPI registry performing supply chain attacks to drop Cobalt Strike beacons and backdoors on Windows, Linux, and macOS systems.

PyPI is a repository of open-source packages that developers can use to share their work or benefit from the work of others, downloading the functional libraries required for their projects.

On May 17, 2022, threat actors uploaded a malicious package named 'pymafka' onto PyPI. The name is very similar to PyKafka, a widely used Apache Kafka client that counts over four million downloads on the PyPI registry.

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.