[rwth-security] PyPi package backdoors Macs using the Sliver pen-testing suite

14 Mai 2024


      Hallo zusammen,
sofern nicht selber schon gesehen/-lesen hier [0] FYI
"PyPi package backdoors Macs using the Sliver pen-testing suite"
--> "... mimicked the popular 'requests' library on the Python
         Package Index (PyPI) ..."
--> "... several steps and obfuscation layers, including using
         steganography in a PNG image file to covertly install the
         Sliver payload on the target ..."
-->  malicious Python package for macOS named 'requests-darwin-lite,'
VG
Bernd
[0]
https://www.bleepingcomputer.com/news/security/pypi-package-backdoors-macs-u...
-- 

Bernd Kohler

IT Center
Abteilung: Netze
RWTH Aachen University
Wendlingweg 10
52074 Aachen
Tel: +49 241 80-29793
Fax: +49 241 80-22666
kohler@itc.rwth-aachen.de
https://www.itc.rwth-aachen.de

Social Media Kanäle des IT Centers:
https://blog.rwth-aachen.de/itc/
https://www.facebook.com/itcenterrwth
https://www.linkedin.com/company/itcenterrwth
https://twitter.com/ITCenterRWTH
https://www.youtube.com/c/ITCenterRWTHAachen

2024

2023

2022

2021

2020

2019

2018

[rwth-security] PyPi package backdoors Macs using the Sliver pen-testing suite