26 mapaketi oyipa adapezeka mu kalozera wa PyPI (Python Package Index) wokhala ndi code yobisika mu setup.py script yomwe imatsimikizira kupezeka kwa zizindikiritso za crypto wallet mu clipboard ndikuzisintha kukhala chikwama cha omwe akuwukirayo (amaganiziridwa kuti polipira , wozunzidwayo sangazindikire kuti nambala yomwe yatumizidwa kudzera pa clipboard exchange wallet ndiyosiyana).
Kulowetsedwako kumachitidwa ndi JavaScript script yomwe, itatha kuyika phukusi loyipa, imayikidwa mu msakatuli mu mawonekedwe a msakatuli wowonjezera omwe amachitidwa pa tsamba lililonse lomwe likuwonetsedwa. Njira yowonjezera yowonjezera imamangiriridwa pa nsanja ya Windows ndipo imayikidwa pa Chrome, Edge ndi Brave asakatuli. Imathandizira m'malo mwa zikwama za cryptocurrencies ETH, BTC, BNB, LTC ndi TRX.
Maphukusi oyipa amabisidwa mu chikwatu cha PyPI ngati malaibulale ena otchuka pogwiritsa ntchito typequatting (kupereka mayina ofanana omwe amasiyana ndi zilembo, mwachitsanzo, examplepl m'malo mwa mwachitsanzo, djangoo m'malo mwa django, pyhton m'malo mwa python, ndi zina). Popeza ma clones opangidwa amabwereza kwathunthu malaibulale ovomerezeka, omwe amasiyana ndi malo oyipa okha, owukira amadalira ogwiritsa ntchito osazindikira omwe adalemba ndipo sanazindikire kusiyana kwa dzina posaka. Poganizira za kutchuka kwa malaibulale ovomerezeka oyambilira (chiwerengero chotsitsa chikuposa makope 21 miliyoni patsiku), omwe amasinthidwa ngati zithunzi zoyipa, mwayi wogwira wovulalayo ndiwokwera kwambiri, mwachitsanzo, ola limodzi pambuyo posindikizidwa. phukusi loyamba loyipa, idatsitsidwa nthawi zopitilira 100.
Ndizofunikira kudziwa kuti sabata yapitayo, gulu lomwelo la ofufuza lidazindikira maphukusi ena 30 oyipa mu PyPI, ena omwe adadzibisanso ngati malaibulale otchuka. Pachiwopsezochi, chomwe chidatenga pafupifupi milungu iwiri, zida zoyipa zidatsitsidwa nthawi 5700. M'malo mwa script yosinthira ma wallet a crypto m'maphukusiwa, gawo la W4SP-Stealer linagwiritsidwa ntchito, lomwe limafufuza ma passwords osungidwa, makiyi olowera, ma wallet a crypto, ma tokeni, makeke agawo ndi zinsinsi zina, ndikutumiza mafayilo opezeka. kudzera pa Discord.
Kuyitanira kwa W4SP-Stealer kudapangidwa polowa m'malo mwa "__import__" mawu mu setup.py kapena __init__.py mafayilo, omwe adalekanitsidwa ndi mipata yambiri, kuti apange __import__ kuyimba kunja kwa malo owoneka m'mawuwo. mkonzi. Mu "__import__" chipika, chipikacho chinasinthidwa mu mtundu wa Base64 ndikulembera fayilo yosakhalitsa. Chidacho chinali ndi zolemba zotsitsa ndikuyika W4SP Stealer pamakina. M'malo mwa mawu oti "__import__", chipika choyipacho chidalumikizidwa m'maphukusi ena poyika phukusi lina poyitana "pip install" kuchokera pa setup.py script.
Mapaketi oyipa omwe adalowa m'malo mwa manambala a chikwama cha crypto:
- chakudya chokoma4
- zokongola4
- cloorama
- zolembalemba
- kulemba
- djangoo
- moni dziko chitsanzo
- moni dziko chitsanzo
- ipyhton
- mail-validator
- mysql-cholumikizira-pyhton
- bokosi
- pyautogiu
- pygaem
- pythorhc
- python-dateuti
- python-botolo
- python3-botolo
- pyyalm
- rqueests
- slenium
- sqlachemy
- sqlcemy
- tkniter
- urllib
Maphukusi oyipa odziwika omwe amatumiza deta yachinsinsi kuchokera kudongosolo:
- typeutil
- mtundu wamtundu
- sutitype
- duonet
- fatnoob
- strinfer
- pydprotect
- incrivelsim
- twine
- pyptext
- installpy
- FAQ
- colorwin
- zopempha-httpx
- colorsama
- shaasigma
- chingwe
- felpesviadinho
- Cyprus
- pystyle
- pyslyte
- pystyle
- pyrurllib
- zodziwikiratu
- uwu
- iyo
- curlapi
- mtundu-mtundu
- pyhints
Source: opennet.ru