Malicious actors have launched an ongoing campaign to infect developer systems with clipper malware. These actors have published more than 451 unique Python packages on the official Python Package Index (PyPI) repository to achieve their goal, according to software supply chain security company Phylum. The PyPI repository is the largest repository of open-source software packages for the Python programming language and is used by millions of developers worldwide.
Phylum notes that the attackers have significantly increased their footprint in PyPI through automation. They have flooded the ecosystem with packages like these and are expected to continue to do so. The findings coincide with a report from Sonatype, which found 691 malicious packages in the npm registry and 49 malicious packages in PyPI during the month of January 2023 alone.
This development illustrates the growing threat that developers face from supply chain attacks, with adversaries relying on methods like typosquatting to deceive users into downloading fraudulent packages. This campaign is an alarming reminder of the need for better supply chain security practices and the importance of regularly auditing the software packages that developers use. Developers must be cautious and check the authenticity of the packages they download and ensure that the packages they use are from a trustworthy source.
CryptoArmor helps protect targeted attacks on digital asset firms like Clipper Malware. CryptoArmor cybersecurity automates and simplifies security for digital asset firms. Advantaged managed protection against advanced attacks. Contact CryptoArmor to get a free demo and free assessment for security compliance management, cybersecurity risk assessment, security program building, advanced penetration testing, and detection incident response services.
CryptoArmor is cybersecurity company based in Austin, Texas. CryptoArmor offers advanced cybersecurity protection for Digital Asset Firms, Crypto Mining Companies, and Financial Institutions. Protection Against Tomorrow’s Attacks. Today.
Contact CryptoArmor: firstname.lastname@example.org