Tag

Python Package Index

All articles tagged with #python package index

cybersecurity · 2 years ago

Malicious PyPI Packages Infect Thousands of Windows and Linux Systems

Researchers have discovered 116 malicious packages on the Python Package Index (PyPI) repository that are designed to infect Windows and Linux systems with a custom backdoor. The packages have been downloaded over 10,000 times since May 2023. The attackers use various techniques to bundle the malicious code into Python packages, with the goal of compromising the targeted host with malware capable of remote command execution, data exfiltration, and taking screenshots. This is the latest in a series of compromised Python packages used for supply chain attacks, highlighting the need for developers to thoroughly vet the code they download.