Security experts are warning about an ongoing supply chain attack that disseminates an information thief using malicious Python packages. The attack, which had been going on since the beginning of October, was discovered by Phylum on November 1.
The perpetrators copied existing, well-known libraries and added a malicious “import” statement to them. The injection of code is intended to infect the victim’s computer with a background-running script. A modified version of the information thief known as Wasp is contained in the script that retrieves the victim’s geolocation.
Also Read: Strategies to Improve Enterprise-Wide Cybersecurity Vulnerability Management
According to Checkmarx, the attackers have so far been successful in infecting hundreds of victims while actively releasing new packages to continue the campaign.
Read More: Hundreds Infected With ‘Wasp’ Stealer in Ongoing Supply Chain Attack
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.
