Researchers have uncovered another batch of malicious Python libraries hosted on Python Package Index (PyPI).
The malicious packages
PyPI is the official third-party software repository for Python and a great source of open source libraries and modules for implementing common functionalities.
Unfortunately, if a malicious component ends up on it, chances are many developers will download and implement it before it is discovered and removed from the repository.
This happened with libpeshnx, libpesh and libari, three packages developed by user ruri12, who published them in November 2017.
“If the [libpeshnx] package is installed on a Linux system, it will try to download a file from the C2 domain, save it as a hidden file named .drv in the user’s home directory, and persist itself inside .bashrc to be run as a back ..
Support the originator by clicking the read the rest link below.
