A new Python package has been discovered that facilitates cryptocurrency theft in the Python Package Index repository (PyPI).

The package was discovered by cybersecurity researchers who warned against its use. The package is called Pytoileur and has been downloaded 316 times. The author of the package has also uploaded an updated version following the removal of the original package by the site admin. The package operates by having malicious code embedded in the package script, allowing it to execute a Base64-encoded payload. The payload is then responsible for retrieving a Windows binary. Once the binary is run, malicious payloads are deployed that contain spyware, and stealer malware. This stealer malware is designed to confiscate private personal payment information, as well as web browser data.

Read more:

https://thehackernews.com/2024/05/cybercriminals-abuse-stackoverflow-to.html