3 Malicious PyPI Packages Targeting Linux with Crypto Miners Found

Three new malicious packages with the ability to distribute a cryptocurrency miner to affected Linux devices have been discovered in the Python Package Index (PyPI) open-source repository. The three harmful packages, named Modularseven, driftme, and catme, were downloaded a total of 431 times last month before being removed.

The malicious code is found within a shell script (“unmi.sh”) that decrypts the code of a remote server and initiates the first stage in the init.py file, which hosts a configuration file for mining activity as well as the CoinMiner file. The ELF binary file is then executed in the background using the nohup command, ensuring that the process continues to run even after the session has ended.
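A defender-side triage check for the chain described above, as an added example that is not part of the original article: it looks through a site-packages directory for the three package names reported here and for the two strings the article mentions ("unmi.sh" and nohup). The function names, directory layout and sample files are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Package names reported in the article (compared after normalization).
KNOWN_BAD = {"modularseven", "driftme", "catme"}
# Strings taken from the article's description of the chain.
INDICATORS = {"unmi.sh": re.compile(rb"unmi\.sh"), "nohup": re.compile(rb"\bnohup\b")}

def normalize(name):
    """PEP 503 normalization so case and separator variants compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()

def scan_site_packages(root):
    """Return sorted (kind, path, detail) findings under a site-packages dir."""
    root = Path(root)
    findings = []
    for meta in root.glob("*.dist-info"):
        dist = normalize(meta.name[: -len(".dist-info")].rsplit("-", 1)[0])
        if dist in KNOWN_BAD:
            findings.append(("known-bad-package", meta.name, dist))
    for path in root.rglob("*"):
        if path.suffix not in {".py", ".sh"} or not path.is_file():
            continue
        data = path.read_bytes()
        for label, pattern in INDICATORS.items():
            if pattern.search(data):
                findings.append(("indicator", str(path.relative_to(root)), label))
    return sorted(findings)

def build_sample(root):
    """Constructed sample tree: one flagged package, one benign package."""
    root = Path(root)
    (root / "driftme-0.0.1.dist-info").mkdir()
    (root / "driftme").mkdir()
    # Constructed, inert stand-in text; placeholder URL and name, never executed.
    (root / "driftme" / "__init__.py").write_text(
        "STAGE = 'https://example.invalid/unmi.sh'\n"
        "RUN = 'nohup ./placeholder-binary &'\n")
    (root / "requests-2.31.0.dist-info").mkdir()
    (root / "requests").mkdir()
    (root / "requests" / "__init__.py").write_text("__version__ = '2.31.0'\n")
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for finding in scan_site_packages(build_sample(tmp)):
            print(finding)
```

The nohup match is a triage heuristic only, since legitimate packages also use nohup; a name match against the reported packages is the stronger signal.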

Hackdra
@hackdra Cybersecurity
