The security company Jfrog is said to have discovered that Python’s software warehouse Python Package Index, PyPi, must have contained as many as eleven packages with malicious code that have been downloaded over 41,000 times. Something that was first reported by Ars Technica.
The malicious code must be masked on PyPi using advanced methods such as “reverse shell” and “DNS tunneling”.
According to security researchers, this will be the first time that DNS tunneling has been used for malware uploaded on PyPi. The increasingly advanced methods used to obtain malware on PyPi indicate that the trials will continue in the future.
Following Jfrog’s discovery, PyPi has now removed all malicious packages.
Also read: Cybercriminals offer online courses in building botnets
– .
