Advertisement
Top
image credit: Pexels

Python, JavaScript Developers Targeted With Fake Packages Delivering Ransomware

December 12, 2022

Via: Security Week
Category:

On Friday, the researchers warned that a threat actor was typosquatting popular PyPI packages to direct developers to malicious dependencies containing code to download payloads written in Golang (Go).

The purpose of the attack is to infect victims with ransomware variants designed to update the desktop background with a message impersonating the CIA and instructing the victim to open a ‘readme’ file. The malware also attempts to encrypt some of the victim’s files.

Read More on Security Week

RELATED PUBLICATIONS

Cyberattack disrupted services at Omni Hotels & Resorts
The impact of compromised backups on ransomware outcomes
EquiLend Ransomware Attack Leads to Data Breach 

Latest Publications

Google fixed critical Chrome vulnerability CVE-2024-4058
North Korean Hackers Hijack Antivirus Updates for Malware Delivery
AI set to play key role in future phishing attacks
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!