Kaspersky Reports Supply Chain Attack on Python Package Index
Kaspersky uncovers supply chain attack on Python Package Index. Kaspersky’s Global Research and Analysis Team (GReAT) has identified a sophisticated supply chain attack involving malicious packages on the Python Package Index (PyPI) that masqueraded as AI chatbot tools. Disguised as ‘gptplus’ and ‘claudeai-eng’, these packages, uploaded in November 2023, were designed to distribute the JarkaStealer malware, which can steal sensitive data and capture screenshots. The attack went undetected for nearly a year, resulting in over 1,700 downloads across more than 30 countries, with the highest activity in the U.S., China, and several European nations. Kaspersky has reported the findings to PyPI, leading to the removal of the malicious packages, and emphasizes the need for stringent verification processes to protect software supply chains.
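One concrete form the "stringent verification" above can take is a pre-install check of a project's dependency manifest against a deny-list of package names that have been reported as malicious. The script below is an added example written for this page, not Kaspersky's, GReAT's or PyPI's code; the only names in its deny-list are the two packages named in the report, the `requirements.txt` content is constructed sample input, and the name normalization follows PEP 503 (PyPI treats `Claudeai_Eng` and `claudeai-eng` as the same project), so a naive case-sensitive string compare would miss entries that differ only in case or separator.

```python
"""Flag known-malicious PyPI package names in a requirements file.

Added example for this page; not Kaspersky's, GReAT's or PyPI's code.
The deny-list contains only the two names given in the report. The sample
requirements text is constructed for the demonstration.
"""
import re
from typing import List, Optional, Set, Tuple

# Package names from the report, stored in PEP 503 normalized form.
KNOWN_MALICIOUS: Set[str] = {"gptplus", "claudeai-eng"}

# Leading project name of a requirement line (before extras / version spec).
_REQ_NAME = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)")


def normalize(name: str) -> str:
    """PEP 503 normalization: lowercase, and collapse runs of '-', '_', '.' to '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def parse_requirement_name(line: str) -> Optional[str]:
    """Return the normalized project name on a requirements line, or None.

    Strips trailing comments, skips blank lines and pip options such as
    '-r other.txt' or '--index-url ...'.
    """
    line = line.split("#", 1)[0].strip()
    if not line or line.startswith("-"):
        return None
    match = _REQ_NAME.match(line)
    return normalize(match.group(1)) if match else None


def find_malicious(requirements_text: str,
                   denylist: Set[str] = KNOWN_MALICIOUS) -> List[Tuple[int, str]]:
    """Return (line number, normalized name) for every deny-listed requirement."""
    hits: List[Tuple[int, str]] = []
    for lineno, raw in enumerate(requirements_text.splitlines(), start=1):
        name = parse_requirement_name(raw)
        if name is not None and name in denylist:
            hits.append((lineno, name))
    return hits


# Constructed sample manifest: two deny-listed names written with different
# casing and separators than the published names, plus benign entries.
SAMPLE_REQUIREMENTS = """\
# constructed sample requirements.txt
requests==2.31.0
GPTPlus>=1.0           # case differs from the published name
claudeai_eng           # underscore instead of hyphen; same project under PEP 503
-r base.txt
numpy
"""

if __name__ == "__main__":
    for lineno, name in find_malicious(SAMPLE_REQUIREMENTS):
        print(f"line {lineno}: deny-listed package '{name}'")
```

Run it as a pre-commit or CI step against the real manifest and fail the build on any hit; the normalization step is what makes the check robust to the spelling variants PyPI itself accepts.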