Lilaebrari tse tharo tse nang le khoutu e mpe li fumanoe bukeng ea PyPI (Python Package Index). Pele litaba li tsejoa le ho tlosoa bukeng, liphutheloana li ne li kopitsoe ka kakaretso ea makhetlo a ka bang 15.
The dpp-client (10194 downloads) le dpp-client1234 (1536 downloads) liphutheloana li ile tsa ajoa ho tloha ka Hlakola 'me li kenyelelitsoe khoutu ea ho romella litaba tsa mefuta-futa ea tikoloho, tse ka etsang mohlala, ho kenyelletsa linotlolo tsa phihlello, li-tokens, kapa li-password bakeng sa litsamaiso tse tsoelang pele tsa kopanyo kapa tikoloho ea maru joalo ka AWS. Liphutheloana li boetse li rometse lethathamo la litaba tsa "/home," "/mnt/mesos/," le "mnt/mesos/sandbox" ho moamoheli oa kantle.
Sephutheloana sa aws-login0tool (li-download tse 3042) se ile sa romelloa polokelong ea PyPI ka la 1 Tšitoe 'me sa kenyelletsa khoutu ea ho jarolla le ho tsamaisa sesebelisoa sa Trojan ho hapa taolo ea li-host tse sebetsang. WindowsHa ho kgethwa lebitso la sephutheloana, mohopolo e ne e le hore dinotlolo tsa "0" le "-" di haufi, kahoo ho na le monyetla wa hore moqapi a tla thaepa "aws-login0tool" ho ena le "aws-login-tool."
Liphutheloana tse nang le bothata li ile tsa khetholloa ka teko e bonolo eo ho eona karolo e nyenyane ea liphutheloana tsa PyPI (tse ka bang 200 tsa liphutheloana tse 330 sebakeng sa polokelo) li ile tsa khoasolloa ho sebelisoa Bandersnatch, 'me tšebeliso ea grep e ile ea sebelisoa ho arola le ho hlahloba liphutheloana tseo faele ea setup.py e boletseng "import urllib" e atisang ho sebelisoa ho romela melaetsa.
Source: opennet.ru
