Tuesday, July 9, 2024

Stack Overflow Links Pushing Malware

Lawrence Abrams (via Hacker News):

Cybercriminals are abusing Stack Overflow in an interesting approach to spreading malware—answering users’ questions by promoting a malicious PyPi package that installs Windows information-stealing malware.

[…]

This PyPi package is named ‘pytoileur’ and was uploaded by threat actors to the PyPi repository over the weekend, claiming it was an API management tool. Notice how the package has the “Cool package” string in the Summary metadata field, indicating it is part of this ongoing campaign.

Previously:

Comments RSS · Twitter · Mastodon

Leave a Comment