Malicious Python Packages Found on PyPI
/ 1 min read
🦠 Malicious Python Packages Discovered on PyPI Threaten Data Security. Cybersecurity researchers from Fortinet FortiGuard Labs have identified two harmful packages, zebo and cometlogger, uploaded to the Python Package Index (PyPI), designed to exfiltrate sensitive information from infected systems. With 118 and 164 downloads respectively, these packages primarily attracted users from the U.S., China, Russia, and India before being removed. Zebo employs obfuscation techniques to hide its command-and-control server and captures keystrokes and screenshots, while cometlogger siphons data from various applications and system metadata. Experts warn that the suspicious functionalities of these packages make them unsafe, urging users to scrutinize code from unverified sources before execution.
