According to ReversingLabs, a suspicious NuGet package designed to extract data from industrial systems appears to target developers who use technologies from the Chinese business Bozhon.
The package, named SqzrFramework480 and published to the NuGet repository in January 2024, is a.NET framework that calibrates robotic movement parameters, manages and creates GUIs, initializes and configures machine vision libraries, and more. It can, however, gather information from various industrial devices, such as cameras and robotic arms, as well as take screenshots, send ping packets, and open connections for data transfers.
While ReversingLabs believes the package could be harmful, it does not provide a clear explanation for why it was published on NuGet or what its actual function is.
Read More: Suspicious NuGet Package Harvesting Information From Industrial Systems
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.
